RubyGems version 2.6.12 and earlier fails to validate specification names, potentially allowing file overwrite
Reporter | Title | Published | Views | Family All 96 |
---|---|---|---|---|
![]() | CVE-2017-0901 | 31 Aug 201720:00 | – | cvelist |
![]() | RubyGems may allow a maliciously crafted gem to overwrite files | 13 May 202201:38 | – | github |
![]() | CVE-2017-0901 | 31 Aug 201720:29 | – | nvd |
![]() | Design/Logic Flaw | 31 Aug 201720:29 | – | prion |
![]() | CVE-2017-0901 | 11 Oct 201916:47 | – | redhatcve |
![]() | RubyGems: Installing a crafted gem package may create or overwrite files | 26 Jun 201709:14 | – | hackerone |
![]() | RubyGems < 2.6.13 - Arbitrary File Overwrite Exploit | 4 Sep 201700:00 | – | zdt |
![]() | CVE-2017-0901 | 31 Aug 201720:29 | – | debiancve |
![]() | CVE-2017-0901 | 31 Aug 201720:29 | – | osv |
![]() | RubyGems may allow a maliciously crafted gem to overwrite files | 13 May 202201:38 | – | osv |
[
{
"product": "RubyGems",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "Versions before 2.6.13"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo