8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.011 Low
EPSS
Percentile
83.9%
Severity: Medium
Date : 2019-10-02
CVE-ID : CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255
Package : ruby
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1039
The package ruby before version 2.6.5-1 is vulnerable to multiple
issues including arbitrary code execution, content spoofing, denial of
service and insufficient validation.
Upgrade to 2.6.5-1.
The problems have been fixed upstream in version 2.6.5.
None.
It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is
vulnerable to NUL injection in built-in methods (File.fnmatch and
File.fnmatch?). An attacker who has the control of the path pattern
parameter could exploit this vulnerability to make path matching pass
despite the intention of the program author.
The Built-in methods File.fnmatch and its alias File.fnmatch? accept
the path pattern as their first parameter. When the pattern contains
NUL character (\0), the methods recognize that the path pattern ends
immediately before the NUL byte. Therefore, a script that uses an
external input as the pattern argument, an attacker can make it wrongly
match a pathname that is the second parameter.
It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is
vulnerable to denial of service via regular expressions in WEBrick’s
Digest access authentication module. An attacker can exploit this
vulnerability to cause an effective denial of service against a WEBrick
service.
It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is
vulnerable to HTTP response splitting in WEBrick bundled with Ruby. If
a program using WEBrick inserts untrusted input into the response
header, an attacker can exploit it to insert a newline character to
split a header, and inject malicious content to deceive clients.
This is the same issue as CVE-2017-17742. The previous fix was
incomplete, which addressed the CRLF vector, but did not address an
isolated CR or an isolated LF.
It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is
vulnerable to code injection. Shell#[] and its alias Shell#test defined
in lib/shell.rb allow code injection if the first argument (aka the
“command” argument) is untrusted data. An attacker can exploit this to
call an arbitrary Ruby method.
A remote attacker is able to bypass path restrictions, perform a denial
of service attack, inject malicious content or call an arbitrary Ruby
method under certain circumstances.
https://bugs.archlinux.org/task/63977
https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-6-5-released/
https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/
https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/
https://security.archlinux.org/CVE-2019-15845
https://security.archlinux.org/CVE-2019-16201
https://security.archlinux.org/CVE-2019-16254
https://security.archlinux.org/CVE-2019-16255
bugs.archlinux.org/task/63977
security.archlinux.org/AVG-1039
security.archlinux.org/CVE-2019-15845
security.archlinux.org/CVE-2019-16201
security.archlinux.org/CVE-2019-16254
security.archlinux.org/CVE-2019-16255
www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/
www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/
www.ruby-lang.org/en/news/2019/10/01/ruby-2-6-5-released/
www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.011 Low
EPSS
Percentile
83.9%