Ruby vulnerabilities CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325

2022-10-20T12:02:00

Description

* [CVE-2019-8322](<https://vulners.com/cve/CVE-2019-8322>) An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. * [CVE-2019-8323](<https://vulners.com/cve/CVE-2019-8323>) An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. * [CVE-2019-8324](<https://vulners.com/cve/CVE-2019-8324>) An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. * [CVE-2019-8325](<https://vulners.com/cve/CVE-2019-8325>) An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) Impact There is no impact; F5 products are not affected by this vulnerability.

{"id": "F5:K81674333", "vendorId": null, "type": "f5", "bulletinFamily": "software", "title": "Ruby vulnerabilities CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325", "description": " * [CVE-2019-8322](<https://vulners.com/cve/CVE-2019-8322>)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.\n\n * [CVE-2019-8323](<https://vulners.com/cve/CVE-2019-8323>)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.\n\n * [CVE-2019-8324](<https://vulners.com/cve/CVE-2019-8324>)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.\n\n * [CVE-2019-8325](<https://vulners.com/cve/CVE-2019-8325>)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "published": "2022-10-20T12:02:00", "modified": "2022-10-20T12:02:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://support.f5.com/csp/article/K81674333", "reporter": "f5", "references": [], "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "immutableFields": [], "lastseen": "2023-02-08T15:44:39", "viewCount": 14, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:1972"]}, {"type": "amazon", "idList": ["ALAS-2019-1255", "ALAS2-2019-1249"]}, {"type": "attackerkb", "idList": ["AKB:B2EBBF0E-24E2-4432-8E53-7E8A540D8917"]}, {"type": "centos", "idList": ["CESA-2019:1235"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1269D3F2131B2758F6111555E51EA48A"]}, {"type": "cve", "idList": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1735-1:A1848", "DEBIAN:DLA-1735-1:BFB49", "DEBIAN:DLA-1796-1:396E7", "DEBIAN:DLA-1796-1:B8D0E", "DEBIAN:DLA-2330-1:B8DE4", "DEBIAN:DSA-4433-1:2DFCF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-8322", "DEBIANCVE:CVE-2019-8323", "DEBIANCVE:CVE-2019-8324", "DEBIANCVE:CVE-2019-8325"]}, {"type": "fedora", "idList": ["FEDORA:1F47A611D253", "FEDORA:63D6A607603A"]}, {"type": "freebsd", "idList": ["27B12D04-4722-11E9-8B7C-B5E01141761F"]}, {"type": "github", "idList": ["GHSA-3H4R-PJV6-CPH9", "GHSA-4WM8-FJV7-J774", "GHSA-76WM-422Q-92MQ", "GHSA-MH37-8C3G-3FGC"]}, {"type": "ibm", "idList": ["E817E7CC83FE8715306D28C653DB646FDADE31AB5B2E6D0633EF4C1838CEC408"]}, {"type": "mageia", "idList": ["MGASA-2020-0243", "MGASA-2020-0440"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1249.NASL", "ALA_ALAS-2019-1255.NASL", "CENTOS8_RHSA-2019-1972.NASL", "CENTOS_RHSA-2019-1235.NASL", "DEBIAN_DLA-1735.NASL", "DEBIAN_DLA-1796.NASL", "DEBIAN_DLA-2330.NASL", "DEBIAN_DSA-4433.NASL", "EULEROS_SA-2019-1597.NASL", "EULEROS_SA-2019-1617.NASL", "EULEROS_SA-2019-1718.NASL", "FEDORA_2019-A155364F3C.NASL", "FEDORA_2019-FEAC6674B7.NASL", "FREEBSD_PKG_27B12D04472211E98B7CB5E01141761F.NASL", "NEWSTART_CGSL_NS-SA-2019-0080_RUBY.NASL", "NEWSTART_CGSL_NS-SA-2019-0084_RUBY.NASL", "OPENSUSE-2019-1771.NASL", "ORACLELINUX_ELSA-2019-1235.NASL", "ORACLELINUX_ELSA-2019-1972.NASL", "REDHAT-RHSA-2019-1235.NASL", "REDHAT-RHSA-2019-1972.NASL", "REDHAT-RHSA-2020-2769.NASL", "SL_20190515_RUBY_ON_SL7_X.NASL", "SUSE_SU-2019-1804-1.NASL", "SUSE_SU-2020-1570-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704433", "OPENVAS:1361412562310843974", "OPENVAS:1361412562310852623", "OPENVAS:1361412562310876000", "OPENVAS:1361412562310876346", "OPENVAS:1361412562310883057", "OPENVAS:1361412562310891735", "OPENVAS:1361412562310891796", "OPENVAS:1361412562311220191597", "OPENVAS:1361412562311220191617", "OPENVAS:1361412562311220191718"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-1235", "ELSA-2019-1972", "ELSA-2019-2028"]}, {"type": "osv", "idList": ["OSV:DLA-1735-1", "OSV:DLA-1796-1", "OSV:DLA-2330-1", "OSV:DSA-4433-1", "OSV:GHSA-3H4R-PJV6-CPH9", "OSV:GHSA-4WM8-FJV7-J774", "OSV:GHSA-76WM-422Q-92MQ", "OSV:GHSA-MH37-8C3G-3FGC"]}, {"type": "redhat", "idList": ["RHSA-2019:1148", "RHSA-2019:1150", "RHSA-2019:1151", "RHSA-2019:1235", "RHSA-2019:1429", "RHSA-2019:1972", "RHSA-2020:2769"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-8322", "RH:CVE-2019-8323", "RH:CVE-2019-8324", "RH:CVE-2019-8325"]}, {"type": "rocky", "idList": ["RLBA-2019:3384", "RLSA-2019:1972"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1771-1"]}, {"type": "ubuntu", "idList": ["USN-3945-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-8322", "UB:CVE-2019-8323", "UB:CVE-2019-8324", "UB:CVE-2019-8325"]}]}, "affected_software": {"major_version": []}, "epss": [{"cve": "CVE-2019-8322", "epss": "0.001800000", "percentile": "0.534880000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8323", "epss": "0.001800000", "percentile": "0.534880000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8324", "epss": "0.002240000", "percentile": "0.589100000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8325", "epss": "0.001800000", "percentile": "0.534880000", "modified": "2023-03-19"}], "vulnersScore": 0.8}, "_state": {"score": 1675871408, "dependencies": 1675871168, "affected_software_major_version": 0, "epss": 1679305952}, "_internal": {"score_hash": "13c4ac9f899edabdc8842c566585bb71"}, "affectedSoftware": []}

{"amazon": [{"lastseen": "2023-02-08T17:38:04", "description": "**Issue Overview:**\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. (CVE-2019-8322)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. (CVE-2019-8323)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) (CVE-2019-8325)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. (CVE-2019-8324)\n\n \n**Affected Packages:** \n\n\nruby\n\n \n**Issue Correction:** \nRun _yum update ruby_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 ruby-2.0.0.648-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ruby-devel-2.0.0.648-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ruby-libs-2.0.0.648-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 rubygem-bigdecimal-1.2.0-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 rubygem-io-console-0.4.2-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 rubygem-json-1.7.7-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 rubygem-psych-2.0.0-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ruby-tcltk-2.0.0.648-35.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ruby-debuginfo-2.0.0.648-35.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 ruby-2.0.0.648-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ruby-devel-2.0.0.648-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ruby-libs-2.0.0.648-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 rubygem-bigdecimal-1.2.0-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 rubygem-io-console-0.4.2-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 rubygem-json-1.7.7-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 rubygem-psych-2.0.0-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ruby-tcltk-2.0.0.648-35.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ruby-debuginfo-2.0.0.648-35.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 rubygems-2.0.14.1-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 rubygems-devel-2.0.14.1-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 rubygem-rake-0.9.6-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 ruby-irb-2.0.0.648-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 rubygem-rdoc-4.0.0-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 ruby-doc-2.0.0.648-35.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 rubygem-minitest-4.3.2-35.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 ruby-2.0.0.648-35.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 ruby-2.0.0.648-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ruby-devel-2.0.0.648-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ruby-libs-2.0.0.648-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 rubygem-bigdecimal-1.2.0-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 rubygem-io-console-0.4.2-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 rubygem-json-1.7.7-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 rubygem-psych-2.0.0-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ruby-tcltk-2.0.0.648-35.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ruby-debuginfo-2.0.0.648-35.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2019-8322](<https://access.redhat.com/security/cve/CVE-2019-8322>), [CVE-2019-8323](<https://access.redhat.com/security/cve/CVE-2019-8323>), [CVE-2019-8324](<https://access.redhat.com/security/cve/CVE-2019-8324>), [CVE-2019-8325](<https://access.redhat.com/security/cve/CVE-2019-8325>)\n\nMitre: [CVE-2019-8322](<https://vulners.com/cve/CVE-2019-8322>), [CVE-2019-8323](<https://vulners.com/cve/CVE-2019-8323>), [CVE-2019-8324](<https://vulners.com/cve/CVE-2019-8324>), [CVE-2019-8325](<https://vulners.com/cve/CVE-2019-8325>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-18T18:14:00", "type": "amazon", "title": "Important: ruby", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-07-22T16:49:00", "id": "ALAS2-2019-1249", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1249.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T17:12:34", "description": "**Issue Overview:**\n\nAn issue was discovered in RubyGems. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.(CVE-2019-8322)\n\nAn issue was discovered in RubyGems. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.(CVE-2019-8323)\n\nAn issue was discovered in RubyGems. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.(CVE-2019-8321)\n\nA Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could guess at paths. Given how frequently gem is run as sudo, and how predictable paths are on modern systems (/tmp, /usr, etc.), this could likely lead to data loss or an unusable system.(CVE-2019-8320)\n\nAn issue was discovered in RubyGems. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.(CVE-2019-8324)\n\nAn issue was discovered in RubyGems. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)(CVE-2019-8325)\n\n \n**Affected Packages:** \n\n\nruby20, ruby21, ruby24\n\n \n**Issue Correction:** \nRun _yum update ruby20_ to update your system. \nRun _yum update ruby21_ to update your system. \nRun _yum update ruby24_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 ruby20-libs-2.0.0.648-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby20-debuginfo-2.0.0.648-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem20-bigdecimal-1.2.0-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby20-devel-2.0.0.648-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem20-psych-2.0.0-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem20-io-console-0.4.2-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby20-2.0.0.648-1.32.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby21-2.1.9-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem21-bigdecimal-1.2.4-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby21-debuginfo-2.1.9-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem21-io-console-0.4.3-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby21-devel-2.1.9-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem21-psych-2.0.5-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby21-libs-2.1.9-1.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby24-2.4.5-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem24-json-2.0.4-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem24-bigdecimal-1.3.2-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby24-debuginfo-2.4.5-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem24-io-console-0.4.6-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem24-psych-2.2.2-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby24-libs-2.4.5-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 rubygem24-xmlrpc-0.2.1-1.30.11.amzn1.i686 \n \u00a0\u00a0\u00a0 ruby24-devel-2.4.5-1.30.11.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 ruby20-irb-2.0.0.648-1.32.amzn1.noarch \n \u00a0\u00a0\u00a0 ruby20-doc-2.0.0.648-1.32.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems20-devel-2.0.14.1-1.32.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems20-2.0.14.1-1.32.amzn1.noarch \n \u00a0\u00a0\u00a0 ruby21-irb-2.1.9-1.22.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems21-devel-2.2.5-1.22.amzn1.noarch \n \u00a0\u00a0\u00a0 ruby21-doc-2.1.9-1.22.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems21-2.2.5-1.22.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems24-2.6.14.3-1.30.11.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygem24-did_you_mean-1.1.0-1.30.11.amzn1.noarch \n \u00a0\u00a0\u00a0 rubygems24-devel-2.6.14.3-1.30.11.amzn1.noarch \n \u00a0\u00a0\u00a0 ruby24-doc-2.4.5-1.30.11.amzn1.noarch \n \u00a0\u00a0\u00a0 ruby24-irb-2.4.5-1.30.11.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 ruby20-2.0.0.648-1.32.amzn1.src \n \u00a0\u00a0\u00a0 ruby21-2.1.9-1.22.amzn1.src \n \u00a0\u00a0\u00a0 ruby24-2.4.5-1.30.11.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 ruby20-devel-2.0.0.648-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem20-bigdecimal-1.2.0-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby20-debuginfo-2.0.0.648-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem20-io-console-0.4.2-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby20-2.0.0.648-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem20-psych-2.0.0-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby20-libs-2.0.0.648-1.32.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem21-psych-2.0.5-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby21-devel-2.1.9-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby21-libs-2.1.9-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby21-debuginfo-2.1.9-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem21-bigdecimal-1.2.4-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby21-2.1.9-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem21-io-console-0.4.3-1.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem24-json-2.0.4-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby24-devel-2.4.5-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby24-debuginfo-2.4.5-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem24-bigdecimal-1.3.2-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem24-io-console-0.4.6-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby24-2.4.5-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ruby24-libs-2.4.5-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem24-xmlrpc-0.2.1-1.30.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 rubygem24-psych-2.2.2-1.30.11.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2019-8320](<https://access.redhat.com/security/cve/CVE-2019-8320>), [CVE-2019-8321](<https://access.redhat.com/security/cve/CVE-2019-8321>), [CVE-2019-8322](<https://access.redhat.com/security/cve/CVE-2019-8322>), [CVE-2019-8323](<https://access.redhat.com/security/cve/CVE-2019-8323>), [CVE-2019-8324](<https://access.redhat.com/security/cve/CVE-2019-8324>), [CVE-2019-8325](<https://access.redhat.com/security/cve/CVE-2019-8325>)\n\nMitre: [CVE-2019-8320](<https://vulners.com/cve/CVE-2019-8320>), [CVE-2019-8321](<https://vulners.com/cve/CVE-2019-8321>), [CVE-2019-8322](<https://vulners.com/cve/CVE-2019-8322>), [CVE-2019-8323](<https://vulners.com/cve/CVE-2019-8323>), [CVE-2019-8324](<https://vulners.com/cve/CVE-2019-8324>), [CVE-2019-8325](<https://vulners.com/cve/CVE-2019-8325>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-07T22:58:00", "type": "amazon", "title": "Important: ruby20, ruby21, ruby24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-08-12T18:13:00", "id": "ALAS-2019-1255", "href": "https://alas.aws.amazon.com/ALAS-2019-1255.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T15:21:48", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ruby packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout.\n Therefore, if the response is crafted, escape sequence injection may occur. (CVE-2019-8322)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. (CVE-2019-8323)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. (CVE-2019-8324)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) (CVE-2019-8325)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0080)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0080_RUBY.NASL", "href": "https://www.tenable.com/plugins/nessus/127292", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0080. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127292);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0080)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ruby packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. The gem owner command outputs the\n contents of the API response directly to stdout.\n Therefore, if the response is crafted, escape sequence\n injection may occur. (CVE-2019-8322)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. Gem::GemcutterUtilities#with_response may\n output the API response to stdout as it is. Therefore,\n if the API side modifies the response, escape sequence\n injection may occur. (CVE-2019-8323)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. A crafted gem with a multi-line name is\n not handled correctly. Therefore, an attacker could\n inject arbitrary code to the stub line of gemspec, which\n is eval-ed by code in ensure_loadable_spec during the\n preinstall check. (CVE-2019-8324)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. Since Gem::CommandManager#run calls\n alert_error without escaping, escape sequence injection\n is possible. (There are many ways to cause an error.)\n (CVE-2019-8325)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0080\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL ruby packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"ruby-2.0.0.648-35.el7_6\",\n \"ruby-debuginfo-2.0.0.648-35.el7_6\",\n \"ruby-devel-2.0.0.648-35.el7_6\",\n \"ruby-doc-2.0.0.648-35.el7_6\",\n \"ruby-irb-2.0.0.648-35.el7_6\",\n \"ruby-libs-2.0.0.648-35.el7_6\",\n \"ruby-tcltk-2.0.0.648-35.el7_6\",\n \"rubygem-bigdecimal-1.2.0-35.el7_6\",\n \"rubygem-io-console-0.4.2-35.el7_6\",\n \"rubygem-json-1.7.7-35.el7_6\",\n \"rubygem-minitest-4.3.2-35.el7_6\",\n \"rubygem-psych-2.0.0-35.el7_6\",\n \"rubygem-rake-0.9.6-35.el7_6\",\n \"rubygem-rdoc-4.0.0-35.el7_6\",\n \"rubygems-2.0.14.1-35.el7_6\",\n \"rubygems-devel-2.0.14.1-35.el7_6\"\n ],\n \"CGSL MAIN 5.04\": [\n \"ruby-2.0.0.648-35.el7_6\",\n \"ruby-debuginfo-2.0.0.648-35.el7_6\",\n \"ruby-devel-2.0.0.648-35.el7_6\",\n \"ruby-doc-2.0.0.648-35.el7_6\",\n \"ruby-irb-2.0.0.648-35.el7_6\",\n \"ruby-libs-2.0.0.648-35.el7_6\",\n \"ruby-tcltk-2.0.0.648-35.el7_6\",\n \"rubygem-bigdecimal-1.2.0-35.el7_6\",\n \"rubygem-io-console-0.4.2-35.el7_6\",\n \"rubygem-json-1.7.7-35.el7_6\",\n \"rubygem-minitest-4.3.2-35.el7_6\",\n \"rubygem-psych-2.0.0-35.el7_6\",\n \"rubygem-rake-0.9.6-35.el7_6\",\n \"rubygem-rdoc-4.0.0-35.el7_6\",\n \"rubygems-2.0.14.1-35.el7_6\",\n \"rubygems-devel-2.0.14.1-35.el7_6\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:58", "description": "An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-05-22T00:00:00", "type": "nessus", "title": "CentOS 7 : ruby (CESA-2019:1235)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-doc", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:ruby-tcltk", "p-cpe:/a:centos:centos:rubygem-bigdecimal", "p-cpe:/a:centos:centos:rubygem-io-console", "p-cpe:/a:centos:centos:rubygem-json", "p-cpe:/a:centos:centos:rubygem-minitest", "p-cpe:/a:centos:centos:rubygem-psych", "p-cpe:/a:centos:centos:rubygem-rake", "p-cpe:/a:centos:centos:rubygem-rdoc", "p-cpe:/a:centos:centos:rubygems", "p-cpe:/a:centos:centos:rubygems-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-1235.NASL", "href": "https://www.tenable.com/plugins/nessus/125316", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1235 and \n# CentOS Errata and Security Advisory 2019:1235 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125316);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"RHSA\", value:\"2019:1235\");\n\n script_name(english:\"CentOS 7 : ruby (CESA-2019:1235)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to perform system\nmanagement tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code\nexecution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner\n(CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response\nhandling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors\n(CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2019-May/023315.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd82bebc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-devel-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-doc-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-irb-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-libs-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ruby-tcltk-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-bigdecimal-1.2.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-io-console-0.4.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.7-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-minitest-4.3.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-psych-2.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-rake-0.9.6-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygem-rdoc-4.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygems-2.0.14.1-35.el7_6\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"rubygems-devel-2.0.14.1-35.el7_6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-doc / ruby-irb / ruby-libs / ruby-tcltk / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:20:04", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. (CVE-2019-8322)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2.\nGem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. (CVE-2019-8323)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) (CVE-2019-8325)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. (CVE-2019-8324)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : ruby (ALAS-2019-1249)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby", "p-cpe:/a:amazon:linux:ruby-debuginfo", "p-cpe:/a:amazon:linux:ruby-devel", "p-cpe:/a:amazon:linux:ruby-doc", "p-cpe:/a:amazon:linux:ruby-irb", "p-cpe:/a:amazon:linux:ruby-libs", "p-cpe:/a:amazon:linux:ruby-tcltk", "p-cpe:/a:amazon:linux:rubygem-bigdecimal", "p-cpe:/a:amazon:linux:rubygem-io-console", "p-cpe:/a:amazon:linux:rubygem-json", "p-cpe:/a:amazon:linux:rubygem-minitest", "p-cpe:/a:amazon:linux:rubygem-psych", "p-cpe:/a:amazon:linux:rubygem-rake", "p-cpe:/a:amazon:linux:rubygem-rdoc", "p-cpe:/a:amazon:linux:rubygems", "p-cpe:/a:amazon:linux:rubygems-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1249.NASL", "href": "https://www.tenable.com/plugins/nessus/126961", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1249.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126961);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"ALAS\", value:\"2019-1249\");\n\n script_name(english:\"Amazon Linux 2 : ruby (ALAS-2019-1249)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in RubyGems 2.6 and later through 3.0.2. The\ngem owner command outputs the contents of the API response directly to\nstdout. Therefore, if the response is crafted, escape sequence\ninjection may occur. (CVE-2019-8322)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2.\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur. (CVE-2019-8323)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since\nGem::CommandManager#run calls alert_error without escaping, escape\nsequence injection is possible. (There are many ways to cause an\nerror.) (CVE-2019-8325)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. A\ncrafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of\ngemspec, which is eval-ed by code in ensure_loadable_spec during the\npreinstall check. (CVE-2019-8324)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1249.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ruby' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"ruby-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-debuginfo-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-devel-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-doc-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-irb-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-libs-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ruby-tcltk-2.0.0.648-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-bigdecimal-1.2.0-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-io-console-0.4.2-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-json-1.7.7-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-minitest-4.3.2-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-psych-2.0.0-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-rake-0.9.6-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygem-rdoc-4.0.0-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygems-2.0.14.1-35.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"rubygems-devel-2.0.14.1-35.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-doc / ruby-irb / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:27", "description": "From Red Hat Security Advisory 2019:1235 :\n\nAn update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : ruby (ELSA-2019-1235)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-17T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-doc", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-tcltk", "p-cpe:/a:oracle:linux:rubygem-bigdecimal", "p-cpe:/a:oracle:linux:rubygem-io-console", "p-cpe:/a:oracle:linux:rubygem-json", "p-cpe:/a:oracle:linux:rubygem-minitest", "p-cpe:/a:oracle:linux:rubygem-psych", "p-cpe:/a:oracle:linux:rubygem-rake", "p-cpe:/a:oracle:linux:rubygem-rdoc", "p-cpe:/a:oracle:linux:rubygems", "p-cpe:/a:oracle:linux:rubygems-devel", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2019-1235.NASL", "href": "https://www.tenable.com/plugins/nessus/125191", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1235 and \n# Oracle Linux Security Advisory ELSA-2019-1235 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125191);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"RHSA\", value:\"2019:1235\");\n\n script_name(english:\"Oracle Linux 7 : ruby (ELSA-2019-1235)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:1235 :\n\nAn update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to perform system\nmanagement tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code\nexecution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner\n(CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response\nhandling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors\n(CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-May/008738.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-devel-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-doc-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-irb-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-libs-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ruby-tcltk-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-bigdecimal-1.2.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-io-console-0.4.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.7-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-minitest-4.3.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-psych-2.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-rake-0.9.6-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygem-rdoc-4.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygems-2.0.14.1-35.el7_6\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"rubygems-devel-2.0.14.1-35.el7_6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-doc / ruby-irb / ruby-libs / ruby-tcltk / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:22:28", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ruby packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout.\n Therefore, if the response is crafted, escape sequence injection may occur. (CVE-2019-8322)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. (CVE-2019-8323)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. (CVE-2019-8324)\n\n - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) (CVE-2019-8325)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : ruby Multiple Vulnerabilities (NS-SA-2019-0084)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0084_RUBY.NASL", "href": "https://www.tenable.com/plugins/nessus/127299", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0084. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127299);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : ruby Multiple Vulnerabilities (NS-SA-2019-0084)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ruby packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. The gem owner command outputs the\n contents of the API response directly to stdout.\n Therefore, if the response is crafted, escape sequence\n injection may occur. (CVE-2019-8322)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. Gem::GemcutterUtilities#with_response may\n output the API response to stdout as it is. Therefore,\n if the API side modifies the response, escape sequence\n injection may occur. (CVE-2019-8323)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. A crafted gem with a multi-line name is\n not handled correctly. Therefore, an attacker could\n inject arbitrary code to the stub line of gemspec, which\n is eval-ed by code in ensure_loadable_spec during the\n preinstall check. (CVE-2019-8324)\n\n - An issue was discovered in RubyGems 2.6 and later\n through 3.0.2. Since Gem::CommandManager#run calls\n alert_error without escaping, escape sequence injection\n is possible. (There are many ways to cause an error.)\n (CVE-2019-8325)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0084\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL ruby packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"ruby-2.0.0.648-35.el7_6\",\n \"ruby-debuginfo-2.0.0.648-35.el7_6\",\n \"ruby-devel-2.0.0.648-35.el7_6\",\n \"ruby-doc-2.0.0.648-35.el7_6\",\n \"ruby-irb-2.0.0.648-35.el7_6\",\n \"ruby-libs-2.0.0.648-35.el7_6\",\n \"ruby-tcltk-2.0.0.648-35.el7_6\",\n \"rubygem-bigdecimal-1.2.0-35.el7_6\",\n \"rubygem-io-console-0.4.2-35.el7_6\",\n \"rubygem-json-1.7.7-35.el7_6\",\n \"rubygem-minitest-4.3.2-35.el7_6\",\n \"rubygem-psych-2.0.0-35.el7_6\",\n \"rubygem-rake-0.9.6-35.el7_6\",\n \"rubygem-rdoc-4.0.0-35.el7_6\",\n \"rubygems-2.0.14.1-35.el7_6\",\n \"rubygems-devel-2.0.14.1-35.el7_6\"\n ],\n \"CGSL MAIN 5.05\": [\n \"ruby-2.0.0.648-35.el7_6\",\n \"ruby-debuginfo-2.0.0.648-35.el7_6\",\n \"ruby-devel-2.0.0.648-35.el7_6\",\n \"ruby-doc-2.0.0.648-35.el7_6\",\n \"ruby-irb-2.0.0.648-35.el7_6\",\n \"ruby-libs-2.0.0.648-35.el7_6\",\n \"ruby-tcltk-2.0.0.648-35.el7_6\",\n \"rubygem-bigdecimal-1.2.0-35.el7_6\",\n \"rubygem-io-console-0.4.2-35.el7_6\",\n \"rubygem-json-1.7.7-35.el7_6\",\n \"rubygem-minitest-4.3.2-35.el7_6\",\n \"rubygem-psych-2.0.0-35.el7_6\",\n \"rubygem-rake-0.9.6-35.el7_6\",\n \"rubygem-rdoc-4.0.0-35.el7_6\",\n \"rubygems-2.0.14.1-35.el7_6\",\n \"rubygems-devel-2.0.14.1-35.el7_6\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:57", "description": "Security Fix(es) :\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL7.x x86_64 (20190515)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-doc", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "p-cpe:/a:fermilab:scientific_linux:rubygem-bigdecimal", "p-cpe:/a:fermilab:scientific_linux:rubygem-io-console", "p-cpe:/a:fermilab:scientific_linux:rubygem-json", "p-cpe:/a:fermilab:scientific_linux:rubygem-minitest", "p-cpe:/a:fermilab:scientific_linux:rubygem-psych", "p-cpe:/a:fermilab:scientific_linux:rubygem-rake", "p-cpe:/a:fermilab:scientific_linux:rubygem-rdoc", "p-cpe:/a:fermilab:scientific_linux:rubygems", "p-cpe:/a:fermilab:scientific_linux:rubygems-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190515_RUBY_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/125208", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125208);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL7.x x86_64 (20190515)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - rubygems: Installing a malicious gem may lead to\n arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in gem\n owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API\n response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in\n errors (CVE-2019-8325)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1905&L=SCIENTIFIC-LINUX-ERRATA&P=4867\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73809b35\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ruby-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ruby-debuginfo-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ruby-devel-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"ruby-doc-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"ruby-irb-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ruby-libs-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ruby-tcltk-2.0.0.648-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"rubygem-bigdecimal-1.2.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"rubygem-io-console-0.4.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.7-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"rubygem-minitest-4.3.2-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"rubygem-psych-2.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"rubygem-rake-0.9.6-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"rubygem-rdoc-4.0.0-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"rubygems-2.0.14.1-35.el7_6\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"rubygems-devel-2.0.14.1-35.el7_6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-doc / ruby-irb / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:52", "description": "An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "RHEL 7 : ruby (RHSA-2019:1235)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-doc", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "p-cpe:/a:redhat:enterprise_linux:rubygem-bigdecimal", "p-cpe:/a:redhat:enterprise_linux:rubygem-io-console", "p-cpe:/a:redhat:enterprise_linux:rubygem-json", "p-cpe:/a:redhat:enterprise_linux:rubygem-minitest", "p-cpe:/a:redhat:enterprise_linux:rubygem-psych", "p-cpe:/a:redhat:enterprise_linux:rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:rubygems", "p-cpe:/a:redhat:enterprise_linux:rubygems-devel", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2019-1235.NASL", "href": "https://www.tenable.com/plugins/nessus/125201", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1235. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125201);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"RHSA\", value:\"2019:1235\");\n\n script_name(english:\"RHEL 7 : ruby (RHSA-2019:1235)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to perform system\nmanagement tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code\nexecution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner\n(CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response\nhandling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors\n(CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-8322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-8323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-8324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-8325\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1235\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ruby-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ruby-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ruby-debuginfo-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ruby-devel-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ruby-devel-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ruby-doc-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ruby-irb-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ruby-libs-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ruby-tcltk-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ruby-tcltk-2.0.0.648-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rubygem-bigdecimal-1.2.0-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rubygem-bigdecimal-1.2.0-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rubygem-io-console-0.4.2-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rubygem-io-console-0.4.2-35.el7_6\")) flag++;\n\n if (rpm_exists(rpm:\"rubygem-json-1.7\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rubygem-json-1.7.7-35.el7_6\")) flag++;\n\n if (rpm_exists(rpm:\"rubygem-json-1.7\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.7-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rubygem-minitest-4.3.2-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rubygem-psych-2.0.0-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rubygem-psych-2.0.0-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rubygem-rake-0.9.6-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rubygem-rdoc-4.0.0-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rubygems-2.0.14.1-35.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rubygems-devel-2.0.14.1-35.el7_6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-doc / ruby-irb / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:42", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1597)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1597.NASL", "href": "https://www.tenable.com/plugins/nessus/125524", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125524);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1597)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - rubygems: Installing a malicious gem may lead to\n arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in\n gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in\n API response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in\n errors (CVE-2019-8325)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1597\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e9b827e3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h13.eulerosv2r7\",\n \"ruby-irb-2.0.0.648-33.h13.eulerosv2r7\",\n \"ruby-libs-2.0.0.648-33.h13.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T15:13:24", "description": "Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language.\n\nCVE-2019-8320\n\nA Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination.\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.\n\nCVE-2019-8325\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.1.5-2+deb8u7.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-04-01T00:00:00", "type": "nessus", "title": "Debian DLA-1735-1 : ruby2.1 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1-dev", "p-cpe:/a:debian:debian_linux:ruby2.1-doc", "p-cpe:/a:debian:debian_linux:ruby2.1-tcltk", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1735.NASL", "href": "https://www.tenable.com/plugins/nessus/123522", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1735-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123522);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"Debian DLA-1735-1 : ruby2.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in rubygems embedded in\nruby2.1, the interpreted scripting language.\n\nCVE-2019-8320\n\nA Directory Traversal issue was discovered in RubyGems. Before making\nnew directories or touching files (which now include path-checking\ncode for symlinks), it would delete the target destination.\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response\ndirectly to stdout. Therefore, if the response is crafted, escape\nsequence injection may occur.\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of\ngemspec, which is eval-ed by code in ensure_loadable_spec during the\npreinstall check.\n\nCVE-2019-8325\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since\nGem::CommandManager#run calls alert_error without escaping, escape\nsequence injection is possible. (There are many ways to cause an\nerror.)\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.1.5-2+deb8u7.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00037.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/ruby2.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libruby2.1\", reference:\"2.1.5-2+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1\", reference:\"2.1.5-2+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-dev\", reference:\"2.1.5-2+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-doc\", reference:\"2.1.5-2+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-tcltk\", reference:\"2.1.5-2+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-01-11T15:19:59", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-1718)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16395", "CVE-2018-16396", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1718.NASL", "href": "https://www.tenable.com/plugins/nessus/126846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126846);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-16395\",\n \"CVE-2018-16396\",\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-1718)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - rubygems: Installing a malicious gem may lead to\n arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in\n gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in\n API response handling (CVE-2019-8323)\n\n - rubygems: Escape sequence injection vulnerability in\n errors (CVE-2019-8325)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1718\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?076b6a05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h14\",\n \"ruby-irb-2.0.0.648-33.h14\",\n \"ruby-libs-2.0.0.648-33.h14\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T15:40:11", "description": "An issue was discovered in RubyGems. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.(CVE-2019-8322)\n\nAn issue was discovered in RubyGems.\nGem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.(CVE-2019-8323)\n\nAn issue was discovered in RubyGems. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.(CVE-2019-8321)\n\nA Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could guess at paths. Given how frequently gem is run as sudo, and how predictable paths are on modern systems (/tmp, /usr, etc.), this could likely lead to data loss or an unusable system.(CVE-2019-8320)\n\nAn issue was discovered in RubyGems. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.(CVE-2019-8324)\n\nAn issue was discovered in RubyGems. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)(CVE-2019-8325)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby20 / ruby21, ruby24 (ALAS-2019-1255)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby20", "p-cpe:/a:amazon:linux:ruby20-debuginfo", "p-cpe:/a:amazon:linux:ruby20-devel", "p-cpe:/a:amazon:linux:ruby20-doc", "p-cpe:/a:amazon:linux:ruby20-irb", "p-cpe:/a:amazon:linux:ruby20-libs", "p-cpe:/a:amazon:linux:ruby21", "p-cpe:/a:amazon:linux:ruby21-debuginfo", "p-cpe:/a:amazon:linux:ruby21-devel", "p-cpe:/a:amazon:linux:ruby21-doc", "p-cpe:/a:amazon:linux:ruby21-irb", "p-cpe:/a:amazon:linux:ruby21-libs", "p-cpe:/a:amazon:linux:ruby24", "p-cpe:/a:amazon:linux:ruby24-debuginfo", "p-cpe:/a:amazon:linux:ruby24-devel", "p-cpe:/a:amazon:linux:ruby24-doc", "p-cpe:/a:amazon:linux:ruby24-irb", "p-cpe:/a:amazon:linux:ruby24-libs", "p-cpe:/a:amazon:linux:rubygem20-bigdecimal", "p-cpe:/a:amazon:linux:rubygem20-io-console", "p-cpe:/a:amazon:linux:rubygem20-psych", "p-cpe:/a:amazon:linux:rubygem21-bigdecimal", "p-cpe:/a:amazon:linux:rubygem21-io-console", "p-cpe:/a:amazon:linux:rubygem21-psych", "p-cpe:/a:amazon:linux:rubygem24-bigdecimal", "p-cpe:/a:amazon:linux:rubygem24-did_you_mean", "p-cpe:/a:amazon:linux:rubygem24-io-console", "p-cpe:/a:amazon:linux:rubygem24-json", "p-cpe:/a:amazon:linux:rubygem24-psych", "p-cpe:/a:amazon:linux:rubygem24-xmlrpc", "p-cpe:/a:amazon:linux:rubygems20", "p-cpe:/a:amazon:linux:rubygems20-devel", "p-cpe:/a:amazon:linux:rubygems21", "p-cpe:/a:amazon:linux:rubygems21-devel", "p-cpe:/a:amazon:linux:rubygems24", "p-cpe:/a:amazon:linux:rubygems24-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1255.NASL", "href": "https://www.tenable.com/plugins/nessus/127811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1255.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127811);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"ALAS\", value:\"2019-1255\");\n\n script_name(english:\"Amazon Linux AMI : ruby20 / ruby21, ruby24 (ALAS-2019-1255)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An issue was discovered in RubyGems. The gem owner command outputs the\ncontents of the API response directly to stdout. Therefore, if the\nresponse is crafted, escape sequence injection may\noccur.(CVE-2019-8322)\n\nAn issue was discovered in RubyGems.\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur.(CVE-2019-8323)\n\nAn issue was discovered in RubyGems. Since\nGem::UserInteraction#verbose calls say without escaping, escape\nsequence injection is possible.(CVE-2019-8321)\n\nA Directory Traversal issue was discovered in RubyGems. Before making\nnew directories or touching files (which now include path-checking\ncode for symlinks), it would delete the target destination. If that\ndestination was hidden behind a symlink, a malicious gem could delete\narbitrary files on the user's machine, presuming the attacker could\nguess at paths. Given how frequently gem is run as sudo, and how\npredictable paths are on modern systems (/tmp, /usr, etc.), this could\nlikely lead to data loss or an unusable system.(CVE-2019-8320)\n\nAn issue was discovered in RubyGems. A crafted gem with a multi-line\nname is not handled correctly. Therefore, an attacker could inject\narbitrary code to the stub line of gemspec, which is eval-ed by code\nin ensure_loadable_spec during the preinstall check.(CVE-2019-8324)\n\nAn issue was discovered in RubyGems. Since Gem::CommandManager#run\ncalls alert_error without escaping, escape sequence injection is\npossible. (There are many ways to cause an error.)(CVE-2019-8325)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1255.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update ruby20' to update your system.\n\nRun 'yum update ruby21' to update your system.\n\nRun 'yum update ruby24' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby24-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-did_you_mean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem24-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-debuginfo-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-devel-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-doc-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-irb-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-libs-2.0.0.648-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-debuginfo-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-devel-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-doc-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-irb-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby21-libs-2.1.9-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-debuginfo-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-devel-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-doc-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-irb-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby24-libs-2.4.5-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-bigdecimal-1.2.0-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-io-console-0.4.2-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-psych-2.0.0-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem21-bigdecimal-1.2.4-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem21-io-console-0.4.3-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem21-psych-2.0.5-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-bigdecimal-1.3.2-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-did_you_mean-1.1.0-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-io-console-0.4.6-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-json-2.0.4-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-psych-2.2.2-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem24-xmlrpc-0.2.1-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-2.0.14.1-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-devel-2.0.14.1-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems21-2.2.5-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems21-devel-2.2.5-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems24-2.6.14.3-1.30.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems24-devel-2.6.14.3-1.30.11.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby20 / ruby20-debuginfo / ruby20-devel / ruby20-doc / ruby20-irb / etc\");\n}\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-02-01T15:13:26", "description": "RubyGems Security Advisories :\n\nCVE-2019-8320: Delete directory using symlink when decompressing tar\n\nCVE-2019-8321: Escape sequence injection vulnerability in 'verbose'\n\nCVE-2019-8322: Escape sequence injection vulnerability in 'gem owner'\n\nCVE-2019-8323: Escape sequence injection vulnerability in API response handling\n\nCVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution\n\nCVE-2019-8325: Escape sequence injection vulnerability in errors", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-18T00:00:00", "type": "nessus", "title": "FreeBSD : RubyGems -- multiple vulnerabilities (27b12d04-4722-11e9-8b7c-b5e01141761f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-24T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby23-gems", "p-cpe:/a:freebsd:freebsd:ruby24-gems", "p-cpe:/a:freebsd:freebsd:ruby25-gems", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_27B12D04472211E98B7CB5E01141761F.NASL", "href": "https://www.tenable.com/plugins/nessus/122883", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122883);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"FreeBSD : RubyGems -- multiple vulnerabilities (27b12d04-4722-11e9-8b7c-b5e01141761f)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"RubyGems Security Advisories :\n\nCVE-2019-8320: Delete directory using symlink when decompressing tar\n\nCVE-2019-8321: Escape sequence injection vulnerability in 'verbose'\n\nCVE-2019-8322: Escape sequence injection vulnerability in 'gem owner'\n\nCVE-2019-8323: Escape sequence injection vulnerability in API response\nhandling\n\nCVE-2019-8324: Installing a malicious gem may lead to arbitrary code\nexecution\n\nCVE-2019-8325: Escape sequence injection vulnerability in errors\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/rubygems/rubygems/blob/master/History.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/27b12d04-4722-11e9-8b7c-b5e01141761f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?430f1e1b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby23-gems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby24-gems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby25-gems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby23-gems<3.0.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby24-gems<3.0.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby25-gems<3.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-08-19T12:27:22", "description": "Rebase to latest minor version fixes CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-03T00:00:00", "type": "nessus", "title": "Fedora 29 : ruby (2019-a155364f3c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-A155364F3C.NASL", "href": "https://www.tenable.com/plugins/nessus/124574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-a155364f3c.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124574);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"FEDORA\", value:\"2019-a155364f3c\");\n\n script_name(english:\"Fedora 29 : ruby (2019-a155364f3c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rebase to latest minor version fixes CVE-2019-8320 CVE-2019-8321\nCVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a155364f3c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"ruby-2.5.5-101.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-02-01T15:16:22", "description": "Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-04-17T00:00:00", "type": "nessus", "title": "Debian DSA-4433-1 : ruby2.3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ruby2.3", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4433.NASL", "href": "https://www.tenable.com/plugins/nessus/124096", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4433. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124096);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"DSA\", value:\"4433\");\n\n script_name(english:\"Debian DSA-4433-1 : ruby2.3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in the Rubygems included\nin the interpreter for the Ruby language, which may result in denial\nof service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/ruby2.3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/ruby2.3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4433\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the ruby2.3 packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.3.3-1+deb9u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libruby2.3\", reference:\"2.3.3-1+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby2.3\", reference:\"2.3.3-1+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby2.3-dev\", reference:\"2.3.3-1+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby2.3-doc\", reference:\"2.3.3-1+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby2.3-tcltk\", reference:\"2.3.3-1+deb9u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-08-19T12:22:40", "description": "Rebase to latest minor version fixes CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-10T00:00:00", "type": "nessus", "title": "Fedora 28 : ruby (2019-feac6674b7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-FEAC6674B7.NASL", "href": "https://www.tenable.com/plugins/nessus/124728", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-feac6674b7.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124728);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_xref(name:\"FEDORA\", value:\"2019-feac6674b7\");\n\n script_name(english:\"Fedora 28 : ruby (2019-feac6674b7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rebase to latest minor version fixes CVE-2019-8320 CVE-2019-8321\nCVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-feac6674b7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"ruby-2.5.5-108.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-01-26T14:39:31", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2769 advisory.\n\n - ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives (CVE-2018-16396)\n\n - rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n - rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-06-30T00:00:00", "type": "nessus", "title": "RHEL 7 : ruby (RHSA-2020:2769)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16396", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:rhel_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:7.4:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby-libs:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby-tcltk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-json:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-rake:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygems:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby-irb:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-rdoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ruby-doc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-bigdecimal:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-io-console:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-minitest:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygem-psych:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rubygems-devel:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2769.NASL", "href": "https://www.tenable.com/plugins/nessus/137897", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2769. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137897);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2018-16396\",\n \"CVE-2019-8321\",\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n script_bugtraq_id(105955);\n script_xref(name:\"RHSA\", value:\"2020:2769\");\n\n script_name(english:\"RHEL 7 : ruby (RHSA-2020:2769)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2769 advisory.\n\n - ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives\n (CVE-2018-16396)\n\n - rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n - rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n - rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n - rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1643089\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1692514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1692516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1692519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1692520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1692522\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 88);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.4/x86_64/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.4/x86_64/os',\n 'content/aus/rhel/server/7/7.4/x86_64/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.4/x86_64/debug',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.4/x86_64/os',\n 'content/tus/rhel/server/7/7.4/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ruby-2.0.0.648-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.0.0.648-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-doc-2.0.0.648-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-irb-2.0.0.648-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.0.0.648-37.el7_4', 'sp':'4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.0.0.648-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-tcltk-2.0.0.648-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.2.0-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.2-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-1.7.7-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-minitest-4.3.2-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-2.0.0-37.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rake-0.9.6-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rdoc-4.0.0-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-2.0.14.1-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-devel-2.0.14.1-37.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ruby / ruby-devel / ruby-doc / ruby-irb / ruby-libs / ruby-tcltk / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:52", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.Security Fix(es):An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.(CVE-2018-16395)An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.(CVE-2018-16396)** RESERVED\n ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-8322)** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.\n When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-8323)** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-8324)** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-8325)An exploitable heap overflow vulnerability exists in the Fiddle::Function.new ''initialize'' function functionality of Ruby. In Fiddle::Function.new ''initialize'' heap buffer ''arg_types'' allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.(CVE-2016-2339)Type confusion exists in\n _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as ''retval'' argument can cause arbitrary code execution.(CVE-2016-2337)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2337", "CVE-2016-2339", "CVE-2018-16395", "CVE-2018-16396", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2019-1617.NASL", "href": "https://www.tenable.com/plugins/nessus/125569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125569);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-2337\",\n \"CVE-2016-2339\",\n \"CVE-2018-16395\",\n \"CVE-2018-16396\",\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - Ruby is an extensible, interpreted, object-oriented,\n scripting language. It has features to process text\n files and to perform system management tasks.Security\n Fix(es):An issue was discovered in the OpenSSL library\n in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before\n 2.5.2, and 2.6.x before 2.6.0-preview3. When two\n OpenSSL::X509::Name objects are compared using ==,\n depending on the ordering, non-equal objects may return\n true. When the first argument is one character longer\n than the second, or the second argument contains a\n character that is one less than a character in the same\n position of the first argument, the result of == will\n be true. This could be leveraged to create an\n illegitimate certificate that may be accepted as\n legitimate and then used in signing or encryption\n operations.(CVE-2018-16395)An issue was discovered in\n Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before\n 2.5.2, and 2.6.x before 2.6.0-preview3. It does not\n taint strings that result from unpacking tainted\n strings with some formats.(CVE-2018-16396)** RESERVED\n ** This candidate has been reserved by an organization\n or individual that will use it when announcing a new\n security problem. When the candidate has been\n publicized, the details for this candidate will be\n provided.(CVE-2019-8322)** RESERVED ** This candidate\n has been reserved by an organization or individual that\n will use it when announcing a new security problem.\n When the candidate has been publicized, the details for\n this candidate will be provided.(CVE-2019-8323)**\n RESERVED ** This candidate has been reserved by an\n organization or individual that will use it when\n announcing a new security problem. When the candidate\n has been publicized, the details for this candidate\n will be provided.(CVE-2019-8324)** RESERVED ** This\n candidate has been reserved by an organization or\n individual that will use it when announcing a new\n security problem. When the candidate has been\n publicized, the details for this candidate will be\n provided.(CVE-2019-8325)An exploitable heap overflow\n vulnerability exists in the Fiddle::Function.new\n ''initialize'' function functionality of Ruby. In\n Fiddle::Function.new ''initialize'' heap buffer\n ''arg_types'' allocation is made based on args array\n length. Specially constructed object passed as element\n of args array can increase this array size after\n mentioned allocation and cause heap\n overflow.(CVE-2016-2339)Type confusion exists in\n _cancel_eval Ruby's TclTkIp class method. Attacker\n passing different type of object than String as\n ''retval'' argument can cause arbitrary code\n execution.(CVE-2016-2337)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1617\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5681a400\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h13\",\n \"ruby-irb-2.0.0.648-33.h13\",\n \"ruby-libs-2.0.0.648-33.h13\",\n \"rubygem-bigdecimal-1.2.0-33.h13\",\n \"rubygem-io-console-0.4.2-33.h13\",\n \"rubygem-json-1.7.7-33.h13\",\n \"rubygem-psych-2.0.0-33.h13\",\n \"rubygem-rdoc-4.0.0-33.h13\",\n \"rubygems-2.0.14.1-33.h13\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:56", "description": "Multiple vulnerabilities have been discovered in jruby, Java implementation of the Ruby programming language.\n\nCVE-2018-1000074\n\nDeserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appear to be exploitable via victim must run the `gem owner` command on a gem with a specially crafted YAML file\n\nCVE-2018-1000075\n\nan infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop\n\nCVE-2018-1000076\n\nImproper Verification of Cryptographic Signature vulnerability in package.rb that can result in a mis-signed gem could be installed, as the tarball would contain multiple gem signatures.\n\nCVE-2018-1000077\n\nImproper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem could set an invalid homepage URL\n\nCVE-2018-1000078\n\nCross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server\n\nCVE-2019-8321\n\nGem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of gemspec\n\nCVE-2019-8325\n\nGem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.5.6-9+deb8u1.\n\nWe recommend that you upgrade your jruby packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-21T00:00:00", "type": "nessus", "title": "Debian DLA-1796-1 : jruby security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jruby", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1796.NASL", "href": "https://www.tenable.com/plugins/nessus/125297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1796-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125297);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-1000074\", \"CVE-2018-1000075\", \"CVE-2018-1000076\", \"CVE-2018-1000077\", \"CVE-2018-1000078\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"Debian DLA-1796-1 : jruby security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in jruby, Java\nimplementation of the Ruby programming language.\n\nCVE-2018-1000074\n\nDeserialization of Untrusted Data vulnerability in owner command that\ncan result in code execution. This attack appear to be exploitable via\nvictim must run the `gem owner` command on a gem with a specially\ncrafted YAML file\n\nCVE-2018-1000075\n\nan infinite loop caused by negative size vulnerability in ruby gem\npackage tar header that can result in a negative size could cause an\ninfinite loop\n\nCVE-2018-1000076\n\nImproper Verification of Cryptographic Signature vulnerability in\npackage.rb that can result in a mis-signed gem could be installed, as\nthe tarball would contain multiple gem signatures.\n\nCVE-2018-1000077\n\nImproper Input Validation vulnerability in ruby gems specification\nhomepage attribute that can result in a malicious gem could set an\ninvalid homepage URL\n\nCVE-2018-1000078\n\nCross Site Scripting (XSS) vulnerability in gem server display of\nhomepage attribute that can result in XSS. This attack appear to be\nexploitable via the victim must browse to a malicious gem on a\nvulnerable gem server\n\nCVE-2019-8321\n\nGem::UserInteraction#verbose calls say without escaping, escape\nsequence injection is possible\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response\ndirectly to stdout. Therefore, if the response is crafted, escape\nsequence injection may occur\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line of\ngemspec\n\nCVE-2019-8325\n\nGem::CommandManager#run calls alert_error without escaping, escape\nsequence injection is possible. (There are many ways to cause an\nerror.)\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.5.6-9+deb8u1.\n\nWe recommend that you upgrade your jruby packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jruby\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected jruby package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"jruby\", reference:\"1.5.6-9+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-06T14:44:07", "description": "Several vulnerabilities were fixed in JRuby, a 100% pure-Java implementation of Ruby.\n\nCVE-2017-17742 CVE-2019-16254\n\nHTTP Response Splitting attacks in the HTTP server of WEBrick.\n\nCVE-2019-16201\n\nRegular Expression Denial of Service vulnerability of WEBrick's Digest access authentication.\n\nCVE-2019-8320\n\nDelete directory using symlink when decompressing tar.\n\nCVE-2019-8321\n\nEscape sequence injection vulnerability in verbose.\n\nCVE-2019-8322\n\nEscape sequence injection vulnerability in gem owner.\n\nCVE-2019-8323\n\nEscape sequence injection vulnerability in API response handling.\n\nCVE-2019-8324\n\nInstalling a malicious gem may lead to arbitrary code execution.\n\nCVE-2019-8325\n\nEscape sequence injection vulnerability in errors.\n\nCVE-2019-16255\n\nCode injection vulnerability of Shell#[] and Shell#test.\n\nFor Debian 9 stretch, these problems have been fixed in version 1.7.26-1+deb9u2.\n\nWe recommend that you upgrade your jruby packages.\n\nFor the detailed security status of jruby please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jruby\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-18T00:00:00", "type": "nessus", "title": "Debian DLA-2330-1 : jruby security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jruby", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2330.NASL", "href": "https://www.tenable.com/plugins/nessus/139628", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2330-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139628);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2017-17742\", \"CVE-2019-16201\", \"CVE-2019-16254\", \"CVE-2019-16255\", \"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"Debian DLA-2330-1 : jruby security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were fixed in JRuby, a 100% pure-Java\nimplementation of Ruby.\n\nCVE-2017-17742 CVE-2019-16254\n\nHTTP Response Splitting attacks in the HTTP server of WEBrick.\n\nCVE-2019-16201\n\nRegular Expression Denial of Service vulnerability of WEBrick's Digest\naccess authentication.\n\nCVE-2019-8320\n\nDelete directory using symlink when decompressing tar.\n\nCVE-2019-8321\n\nEscape sequence injection vulnerability in verbose.\n\nCVE-2019-8322\n\nEscape sequence injection vulnerability in gem owner.\n\nCVE-2019-8323\n\nEscape sequence injection vulnerability in API response handling.\n\nCVE-2019-8324\n\nInstalling a malicious gem may lead to arbitrary code execution.\n\nCVE-2019-8325\n\nEscape sequence injection vulnerability in errors.\n\nCVE-2019-16255\n\nCode injection vulnerability of Shell#[] and Shell#test.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.7.26-1+deb9u2.\n\nWe recommend that you upgrade your jruby packages.\n\nFor the detailed security status of jruby please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/jruby\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jruby\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/jruby\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected jruby package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"jruby\", reference:\"1.7.26-1+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-02-10T15:40:12", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:1972 advisory.\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : ruby:2.5 (CESA-2019:1972)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-doc", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:rubygem-abrt", "p-cpe:/a:centos:centos:rubygem-abrt-doc", "p-cpe:/a:centos:centos:rubygem-bigdecimal", "p-cpe:/a:centos:centos:rubygem-bson", "p-cpe:/a:centos:centos:rubygem-bson-doc", "p-cpe:/a:centos:centos:rubygem-bundler", "p-cpe:/a:centos:centos:rubygem-bundler-doc", "p-cpe:/a:centos:centos:rubygem-did_you_mean", "p-cpe:/a:centos:centos:rubygem-io-console", "p-cpe:/a:centos:centos:rubygem-json", "p-cpe:/a:centos:centos:rubygem-minitest", "p-cpe:/a:centos:centos:rubygem-mongo", "p-cpe:/a:centos:centos:rubygem-mongo-doc", "p-cpe:/a:centos:centos:rubygem-mysql2", "p-cpe:/a:centos:centos:rubygem-mysql2-doc", "p-cpe:/a:centos:centos:rubygem-net-telnet", "p-cpe:/a:centos:centos:rubygem-openssl", "p-cpe:/a:centos:centos:rubygem-pg", "p-cpe:/a:centos:centos:rubygem-pg-doc", "p-cpe:/a:centos:centos:rubygem-power_assert", "p-cpe:/a:centos:centos:rubygem-psych", "p-cpe:/a:centos:centos:rubygem-rake", "p-cpe:/a:centos:centos:rubygem-rdoc", "p-cpe:/a:centos:centos:rubygem-test-unit", "p-cpe:/a:centos:centos:rubygem-xmlrpc", "p-cpe:/a:centos:centos:rubygems", "p-cpe:/a:centos:centos:rubygems-devel"], "id": "CENTOS8_RHSA-2019-1972.NASL", "href": "https://www.tenable.com/plugins/nessus/145670", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:1972. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145670);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2019-8324\");\n script_xref(name:\"RHSA\", value:\"2019:1972\");\n\n script_name(english:\"CentOS 8 : ruby:2.5 (CESA-2019:1972)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2019:1972 advisory.\n\n - rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1972\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-abrt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bson-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-bundler-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-did_you_mean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-mysql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-mysql2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-net-telnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-pg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-power_assert\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-test-unit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygem-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rubygems-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/ruby');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module ruby:2.5');\nif ('2.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module ruby:' + module_ver);\n\nvar appstreams = {\n 'ruby:2.5': [\n {'reference':'ruby-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-doc-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-doc-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-irb-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-irb-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.5.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-0.3.0-4.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-0.3.0-4.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-doc-0.3.0-4.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-doc-0.3.0-4.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-4.3.0-2.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-4.3.0-2.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-doc-4.3.0-2.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-doc-4.3.0-2.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-1.16.1-3.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-1.16.1-3.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-doc-1.16.1-3.module_el8.0.0+17+bd0735cc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-doc-1.16.1-3.module_el8.0.0+17+bd0735cc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-did_you_mean-1.2.0-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-did_you_mean-1.2.0-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.6-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.6-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-2.1.0-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-2.1.0-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-minitest-5.10.3-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-minitest-5.10.3-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-2.5.1-2.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-2.5.1-2.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-doc-2.5.1-2.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-doc-2.5.1-2.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mysql2-0.4.10-4.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mysql2-0.4.10-4.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mysql2-doc-0.4.10-4.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mysql2-doc-0.4.10-4.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-net-telnet-0.1.1-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-net-telnet-0.1.1-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-openssl-2.1.2-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-openssl-2.1.2-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-pg-1.0.0-2.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-pg-1.0.0-2.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-pg-doc-1.0.0-2.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-pg-doc-1.0.0-2.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-power_assert-1.1.1-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-power_assert-1.1.1-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-3.0.2-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-3.0.2-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rake-12.3.0-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rake-12.3.0-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rdoc-6.0.1-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rdoc-6.0.1-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-test-unit-3.2.7-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-test-unit-3.2.7-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-xmlrpc-0.3.0-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-xmlrpc-0.3.0-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-2.7.6-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-2.7.6-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-devel-2.7.6-104.module_el8.0.0+179+565e49e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-devel-2.7.6-104.module_el8.0.0+179+565e49e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module ruby:2.5');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ruby / ruby-devel / ruby-doc / ruby-irb / ruby-libs / rubygem-abrt / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:24:04", "description": "An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : ruby:2.5 (RHSA-2019:1972)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2021-03-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debugsource", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-doc", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:rubygem-abrt", "p-cpe:/a:redhat:enterprise_linux:rubygem-abrt-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-bigdecimal", "p-cpe:/a:redhat:enterprise_linux:rubygem-bson", "p-cpe:/a:redhat:enterprise_linux:rubygem-bson-debugsource", "p-cpe:/a:redhat:enterprise_linux:rubygem-bson-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-bundler", "p-cpe:/a:redhat:enterprise_linux:rubygem-bundler-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-did_you_mean", "p-cpe:/a:redhat:enterprise_linux:rubygem-io-console", "p-cpe:/a:redhat:enterprise_linux:rubygem-json", "p-cpe:/a:redhat:enterprise_linux:rubygem-minitest", "p-cpe:/a:redhat:enterprise_linux:rubygem-mongo", "p-cpe:/a:redhat:enterprise_linux:rubygem-mongo-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2", "p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2-debugsource", "p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-net-telnet", "p-cpe:/a:redhat:enterprise_linux:rubygem-openssl", "p-cpe:/a:redhat:enterprise_linux:rubygem-pg", "p-cpe:/a:redhat:enterprise_linux:rubygem-pg-debugsource", "p-cpe:/a:redhat:enterprise_linux:rubygem-pg-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-power_assert", "p-cpe:/a:redhat:enterprise_linux:rubygem-psych", "p-cpe:/a:redhat:enterprise_linux:rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:rubygem-test-unit", "p-cpe:/a:redhat:enterprise_linux:rubygem-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:rubygems", "p-cpe:/a:redhat:enterprise_linux:rubygems-devel", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-1972.NASL", "href": "https://www.tenable.com/plugins/nessus/127642", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1972. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127642);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2019-8324\");\n script_xref(name:\"RHSA\", value:\"2019:1972\");\n\n script_name(english:\"RHEL 8 : ruby:2.5 (RHSA-2019:1972)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the ruby:2.5 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to perform system\nmanagement tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code\nexecution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-8324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8324\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-abrt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bson-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bson-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bundler-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-did_you_mean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mysql2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-net-telnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-pg-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-pg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-power_assert\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-test-unit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/ruby');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module ruby:2.5');\nif ('2.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module ruby:' + module_ver);\n\nappstreams = {\n 'ruby:2.5': [\n {'reference':'ruby-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'ruby-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'ruby-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'ruby-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'ruby-debugsource-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'ruby-debugsource-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'ruby-debugsource-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'ruby-debugsource-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'ruby-devel-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'ruby-devel-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'ruby-devel-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'ruby-devel-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'ruby-doc-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'ruby-irb-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'ruby-libs-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'ruby-libs-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'ruby-libs-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'ruby-libs-2.5.3-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-abrt-0.3.0-4.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-abrt-doc-0.3.0-4.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-bigdecimal-1.3.4-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-bson-doc-4.3.0-2.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-bundler-1.16.1-3.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-bundler-doc-1.16.1-3.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-did_you_mean-1.2.0-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-io-console-0.4.6-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-io-console-0.4.6-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'rubygem-io-console-0.4.6-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-io-console-0.4.6-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-json-2.1.0-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-json-2.1.0-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'rubygem-json-2.1.0-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-json-2.1.0-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-minitest-5.10.3-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-mongo-2.5.1-2.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-mongo-doc-2.5.1-2.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-mysql2-doc-0.4.10-4.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-net-telnet-0.1.1-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-openssl-2.1.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-openssl-2.1.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'rubygem-openssl-2.1.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-openssl-2.1.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-pg-doc-1.0.0-2.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-power_assert-1.1.1-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-psych-3.0.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'aarch64', 'release':'8'},\n {'reference':'rubygem-psych-3.0.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'i686', 'release':'8'},\n {'reference':'rubygem-psych-3.0.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'s390x', 'release':'8'},\n {'reference':'rubygem-psych-3.0.2-104.module+el8.0.0+3250+4b7d6d43', 'cpu':'x86_64', 'release':'8'},\n {'reference':'rubygem-rake-12.3.0-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-rdoc-6.0.1-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-test-unit-3.2.7-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygem-xmlrpc-0.3.0-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygems-2.7.6-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'},\n {'reference':'rubygems-devel-2.7.6-104.module+el8.0.0+3250+4b7d6d43', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module ruby:2.5');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ruby / ruby-debugsource / ruby-devel / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:23:07", "description": "From Red Hat Security Advisory 2019:1972 :\n\nAn update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : ruby:2.5 (ELSA-2019-1972)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-doc", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:rubygem-abrt", "p-cpe:/a:oracle:linux:rubygem-abrt-doc", "p-cpe:/a:oracle:linux:rubygem-bigdecimal", "p-cpe:/a:oracle:linux:rubygem-bson", "p-cpe:/a:oracle:linux:rubygem-bson-doc", "p-cpe:/a:oracle:linux:rubygem-bundler", "p-cpe:/a:oracle:linux:rubygem-bundler-doc", "p-cpe:/a:oracle:linux:rubygem-did_you_mean", "p-cpe:/a:oracle:linux:rubygem-io-console", "p-cpe:/a:oracle:linux:rubygem-json", "p-cpe:/a:oracle:linux:rubygem-minitest", "p-cpe:/a:oracle:linux:rubygem-mongo", "p-cpe:/a:oracle:linux:rubygem-mongo-doc", "p-cpe:/a:oracle:linux:rubygem-mysql2", "p-cpe:/a:oracle:linux:rubygem-mysql2-doc", "p-cpe:/a:oracle:linux:rubygem-net-telnet", "p-cpe:/a:oracle:linux:rubygem-openssl", "p-cpe:/a:oracle:linux:rubygem-pg", "p-cpe:/a:oracle:linux:rubygem-pg-doc", "p-cpe:/a:oracle:linux:rubygem-power_assert", "p-cpe:/a:oracle:linux:rubygem-psych", "p-cpe:/a:oracle:linux:rubygem-rake", "p-cpe:/a:oracle:linux:rubygem-rdoc", "p-cpe:/a:oracle:linux:rubygem-test-unit", "p-cpe:/a:oracle:linux:rubygem-xmlrpc", "p-cpe:/a:oracle:linux:rubygems", "p-cpe:/a:oracle:linux:rubygems-devel", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-1972.NASL", "href": "https://www.tenable.com/plugins/nessus/127610", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1972 and \n# Oracle Linux Security Advisory ELSA-2019-1972 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127610);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-8324\");\n script_xref(name:\"RHSA\", value:\"2019:1972\");\n\n script_name(english:\"Oracle Linux 8 : ruby:2.5 (ELSA-2019-1972)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:1972 :\n\nAn update for the ruby:2.5 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to perform system\nmanagement tasks.\n\nSecurity Fix(es) :\n\n* rubygems: Installing a malicious gem may lead to arbitrary code\nexecution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/009013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ruby:2.5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-abrt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bson-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-bundler-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-did_you_mean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-mysql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-mysql2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-net-telnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-pg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-power_assert\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-test-unit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygem-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"ruby-2.5.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"ruby-devel-2.5.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"ruby-doc-2.5.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"ruby-irb-2.5.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"ruby-libs-2.5.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-abrt-0.3.0-4.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-abrt-doc-0.3.0-4.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-bigdecimal-1.3.4-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-bson-4.3.0-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-bson-doc-4.3.0-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-bundler-1.16.1-3.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-bundler-doc-1.16.1-3.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-did_you_mean-1.2.0-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-io-console-0.4.6-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-json-2.1.0-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-minitest-5.10.3-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-mongo-2.5.1-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-mongo-doc-2.5.1-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-mysql2-0.4.10-4.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-mysql2-doc-0.4.10-4.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-net-telnet-0.1.1-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-openssl-2.1.2-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-pg-1.0.0-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-pg-doc-1.0.0-2.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-power_assert-1.1.1-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-psych-3.0.2-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-rake-12.3.0-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-rdoc-6.0.1-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-test-unit-3.2.7-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygem-xmlrpc-0.3.0-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygems-2.7.6-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"rubygems-devel-2.7.6-104.module+el8.0.0+5238+4f9ac61b\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-doc / ruby-irb / ruby-libs / rubygem-abrt / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-06T14:57:14", "description": "This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues :\n\nChanges in ruby2.5 :\n\nUpdate to 2.5.5 and 2.5.4 :\n\nhttps://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\n\nSecurity issues fixed :\n\n - CVE-2019-8320: Delete directory using symlink when decompressing tar (bsc#1130627)\n\n - CVE-2019-8321: Escape sequence injection vulnerability in verbose (bsc#1130623)\n\n - CVE-2019-8322: Escape sequence injection vulnerability in gem owner (bsc#1130622)\n\n - CVE-2019-8323: Escape sequence injection vulnerability in API response handling (bsc#1130620)\n\n - CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution (bsc#1130617)\n\n - CVE-2019-8325: Escape sequence injection vulnerability in errors (bsc#1130611)\n\nRuby 2.5 was updated to 2.5.3 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed :\n\n - CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives (bsc#1112532)\n\n - CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly (bsc#1112530)\n\nRuby 2.5 was updated to 2.5.1 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed :\n\n - CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)\n\n - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441)\n\n - CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)\n\n - CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)\n\n - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440)\n\n - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437)\n\n - Multiple vulnerabilities in RubyGems were fixed :\n\n - CVE-2018-1000079: Fixed path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058)\n\n - CVE-2018-1000075: Fixed infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014)\n\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when displayed via gem server (bsc#1082011)\n\n - CVE-2018-1000077: Fixed that missing URL validation on spec home attribute allows malicious gem to set an invalid homepage URL (bsc#1082010)\n\n - CVE-2018-1000076: Fixed improper verification of signatures in tarball allows to install mis-signed gem (bsc#1082009)\n\n - CVE-2018-1000074: Fixed unsafe Object Deserialization Vulnerability in gem owner allowing arbitrary code execution on specially crafted YAML (bsc#1082008)\n\n - CVE-2018-1000073: Fixed path traversal when writing to a symlinked basedir outside of the root (bsc#1082007)\n\nOther changes :\n\n - Fixed Net::POPMail methods modify frozen literal when using default arg\n\n - ruby: change over of the Japanese Era to the new emperor May 1st 2019 (bsc#1133790)\n\n - build with PIE support (bsc#1130028)\n\nChanges in ruby-bundled-gems-rpmhelper :\n\n - Add a new helper for bundled ruby gems.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libruby2_5-2_5", "p-cpe:/a:novell:opensuse:libruby2_5-2_5-debuginfo", "p-cpe:/a:novell:opensuse:ruby-bundled-gems-rpmhelper", "p-cpe:/a:novell:opensuse:ruby2.5", "p-cpe:/a:novell:opensuse:ruby2.5-debuginfo", "p-cpe:/a:novell:opensuse:ruby2.5-debugsource", "p-cpe:/a:novell:opensuse:ruby2.5-devel", "p-cpe:/a:novell:opensuse:ruby2.5-devel-extra", "p-cpe:/a:novell:opensuse:ruby2.5-doc-ri", "p-cpe:/a:novell:opensuse:ruby2.5-stdlib", "p-cpe:/a:novell:opensuse:ruby2.5-stdlib-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1771.NASL", "href": "https://www.tenable.com/plugins/nessus/126904", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1771.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126904);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2017-17742\", \"CVE-2018-1000073\", \"CVE-2018-1000074\", \"CVE-2018-1000075\", \"CVE-2018-1000076\", \"CVE-2018-1000077\", \"CVE-2018-1000078\", \"CVE-2018-1000079\", \"CVE-2018-16395\", \"CVE-2018-16396\", \"CVE-2018-6914\", \"CVE-2018-8777\", \"CVE-2018-8778\", \"CVE-2018-8779\", \"CVE-2018-8780\", \"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n\n script_name(english:\"openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)\");\n script_summary(english:\"Check for the openSUSE-2019-1771 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the\nfollowing issues :\n\nChanges in ruby2.5 :\n\nUpdate to 2.5.5 and 2.5.4 :\n\nhttps://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/\nhttps://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\n\nSecurity issues fixed :\n\n - CVE-2019-8320: Delete directory using symlink when\n decompressing tar (bsc#1130627)\n\n - CVE-2019-8321: Escape sequence injection vulnerability\n in verbose (bsc#1130623)\n\n - CVE-2019-8322: Escape sequence injection vulnerability\n in gem owner (bsc#1130622)\n\n - CVE-2019-8323: Escape sequence injection vulnerability\n in API response handling (bsc#1130620)\n\n - CVE-2019-8324: Installing a malicious gem may lead to\n arbitrary code execution (bsc#1130617)\n\n - CVE-2019-8325: Escape sequence injection vulnerability\n in errors (bsc#1130611)\n\nRuby 2.5 was updated to 2.5.3 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed :\n\n - CVE-2018-16396: Tainted flags are not propagated in\n Array#pack and String#unpack with some directives\n (bsc#1112532)\n\n - CVE-2018-16395: OpenSSL::X509::Name equality check does\n not work correctly (bsc#1112530)\n\nRuby 2.5 was updated to 2.5.1 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed :\n\n - CVE-2017-17742: HTTP response splitting in WEBrick\n (bsc#1087434)\n\n - CVE-2018-6914: Unintentional file and directory creation\n with directory traversal in tempfile and tmpdir\n (bsc#1087441)\n\n - CVE-2018-8777: DoS by large request in WEBrick\n (bsc#1087436)\n\n - CVE-2018-8778: Buffer under-read in String#unpack\n (bsc#1087433)\n\n - CVE-2018-8779: Unintentional socket creation by poisoned\n NUL byte in UNIXServer and UNIXSocket (bsc#1087440)\n\n - CVE-2018-8780: Unintentional directory traversal by\n poisoned NUL byte in Dir (bsc#1087437)\n\n - Multiple vulnerabilities in RubyGems were fixed :\n\n - CVE-2018-1000079: Fixed path traversal issue during gem\n installation allows to write to arbitrary filesystem\n locations (bsc#1082058)\n\n - CVE-2018-1000075: Fixed infinite loop vulnerability due\n to negative size in tar header causes Denial of Service\n (bsc#1082014)\n\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage\n attribute when displayed via gem server (bsc#1082011)\n\n - CVE-2018-1000077: Fixed that missing URL validation on\n spec home attribute allows malicious gem to set an\n invalid homepage URL (bsc#1082010)\n\n - CVE-2018-1000076: Fixed improper verification of\n signatures in tarball allows to install mis-signed gem\n (bsc#1082009)\n\n - CVE-2018-1000074: Fixed unsafe Object Deserialization\n Vulnerability in gem owner allowing arbitrary code\n execution on specially crafted YAML (bsc#1082008)\n\n - CVE-2018-1000073: Fixed path traversal when writing to a\n symlinked basedir outside of the root (bsc#1082007)\n\nOther changes :\n\n - Fixed Net::POPMail methods modify frozen literal when\n using default arg\n\n - ruby: change over of the Japanese Era to the new emperor\n May 1st 2019 (bsc#1133790)\n\n - build with PIE support (bsc#1130028)\n\nChanges in ruby-bundled-gems-rpmhelper :\n\n - Add a new helper for bundled ruby gems.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082014\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112530\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ruby-bundled-gems-rpmhelper / ruby2.5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libruby2_5-2_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libruby2_5-2_5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-bundled-gems-rpmhelper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-devel-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby2.5-stdlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libruby2_5-2_5-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libruby2_5-2_5-debuginfo-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby-bundled-gems-rpmhelper-0.0.2-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-debuginfo-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-debugsource-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-devel-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-devel-extra-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-doc-ri-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-stdlib-2.5.5-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ruby2.5-stdlib-debuginfo-2.5.5-lp151.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby-bundled-gems-rpmhelper / libruby2_5-2_5 / etc\");\n}\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-03-05T15:25:38", "description": "This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues :\n\nChanges in ruby2.5 :\n\nUpdate to 2.5.5 and 2.5.4 :\n\nhttps://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\n\nSecurity issues fixed :\n\nCVE-2019-8320: Delete directory using symlink when decompressing tar (bsc#1130627)\n\nCVE-2019-8321: Escape sequence injection vulnerability in verbose (bsc#1130623)\n\nCVE-2019-8322: Escape sequence injection vulnerability in gem owner (bsc#1130622)\n\nCVE-2019-8323: Escape sequence injection vulnerability in API response handling (bsc#1130620)\n\nCVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution (bsc#1130617)\n\nCVE-2019-8325: Escape sequence injection vulnerability in errors (bsc#1130611)\n\nRuby 2.5 was updated to 2.5.3 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed: CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives (bsc#1112532)\n\nCVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly (bsc#1112530)\n\nRuby 2.5 was updated to 2.5.1 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed: CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)\n\nCVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441)\n\nCVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)\n\nCVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)\n\nCVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440)\n\nCVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437)\n\nMultiple vulnerabilities in RubyGems were fixed :\n\n - CVE-2018-1000079: Fixed path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058)\n\n - CVE-2018-1000075: Fixed infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014)\n\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when displayed via gem server (bsc#1082011)\n\n - CVE-2018-1000077: Fixed that missing URL validation on spec home attribute allows malicious gem to set an invalid homepage URL (bsc#1082010)\n\n - CVE-2018-1000076: Fixed improper verification of signatures in tarball allows to install mis-signed gem (bsc#1082009)\n\n - CVE-2018-1000074: Fixed unsafe Object Deserialization Vulnerability in gem owner allowing arbitrary code execution on specially crafted YAML (bsc#1082008)\n\n - CVE-2018-1000073: Fixed path traversal when writing to a symlinked basedir outside of the root (bsc#1082007)\n\nOther changes: Fixed Net::POPMail methods modify frozen literal when using default arg\n\nruby: change over of the Japanese Era to the new emperor May 1st 2019 (bsc#1133790)\n\nbuild with PIE support (bsc#1130028)\n\nChanges in ruby-bundled-gems-rpmhelper: Add a new helper for bundled ruby gems.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-11T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libruby2_5", "p-cpe:/a:novell:suse_linux:libruby2_5-2_5-debuginfo", "p-cpe:/a:novell:suse_linux:ruby2.5", "p-cpe:/a:novell:suse_linux:ruby2.5-debuginfo", "p-cpe:/a:novell:suse_linux:ruby2.5-debugsource", "p-cpe:/a:novell:suse_linux:ruby2.5-devel", "p-cpe:/a:novell:suse_linux:ruby2.5-devel-extra", "p-cpe:/a:novell:suse_linux:ruby2.5-doc", "p-cpe:/a:novell:suse_linux:ruby2.5-stdlib", "p-cpe:/a:novell:suse_linux:ruby2.5-stdlib-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1804-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126617", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1804-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126617);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2017-17742\",\n \"CVE-2018-6914\",\n \"CVE-2018-8777\",\n \"CVE-2018-8778\",\n \"CVE-2018-8779\",\n \"CVE-2018-8780\",\n \"CVE-2018-16395\",\n \"CVE-2018-16396\",\n \"CVE-2018-1000073\",\n \"CVE-2018-1000074\",\n \"CVE-2018-1000075\",\n \"CVE-2018-1000076\",\n \"CVE-2018-1000077\",\n \"CVE-2018-1000078\",\n \"CVE-2018-1000079\",\n \"CVE-2019-8320\",\n \"CVE-2019-8321\",\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the\nfollowing issues :\n\nChanges in ruby2.5 :\n\nUpdate to 2.5.5 and 2.5.4 :\n\nhttps://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/\nhttps://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\n\nSecurity issues fixed :\n\nCVE-2019-8320: Delete directory using symlink when decompressing tar\n(bsc#1130627)\n\nCVE-2019-8321: Escape sequence injection vulnerability in verbose\n(bsc#1130623)\n\nCVE-2019-8322: Escape sequence injection vulnerability in gem owner\n(bsc#1130622)\n\nCVE-2019-8323: Escape sequence injection vulnerability in API response\nhandling (bsc#1130620)\n\nCVE-2019-8324: Installing a malicious gem may lead to arbitrary code\nexecution (bsc#1130617)\n\nCVE-2019-8325: Escape sequence injection vulnerability in errors\n(bsc#1130611)\n\nRuby 2.5 was updated to 2.5.3 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed: CVE-2018-16396: Tainted flags are not\npropagated in Array#pack and String#unpack with some directives\n(bsc#1112532)\n\nCVE-2018-16395: OpenSSL::X509::Name equality check does not work\ncorrectly (bsc#1112530)\n\nRuby 2.5 was updated to 2.5.1 :\n\nThis release includes some bug fixes and some security fixes.\n\nSecurity issues fixed: CVE-2017-17742: HTTP response splitting in\nWEBrick (bsc#1087434)\n\nCVE-2018-6914: Unintentional file and directory creation with\ndirectory traversal in tempfile and tmpdir (bsc#1087441)\n\nCVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)\n\nCVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)\n\nCVE-2018-8779: Unintentional socket creation by poisoned NUL byte in\nUNIXServer and UNIXSocket (bsc#1087440)\n\nCVE-2018-8780: Unintentional directory traversal by poisoned NUL byte\nin Dir (bsc#1087437)\n\nMultiple vulnerabilities in RubyGems were fixed :\n\n - CVE-2018-1000079: Fixed path traversal issue during gem\n installation allows to write to arbitrary filesystem\n locations (bsc#1082058)\n\n - CVE-2018-1000075: Fixed infinite loop vulnerability due\n to negative size in tar header causes Denial of Service\n (bsc#1082014)\n\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage\n attribute when displayed via gem server (bsc#1082011)\n\n - CVE-2018-1000077: Fixed that missing URL validation on\n spec home attribute allows malicious gem to set an\n invalid homepage URL (bsc#1082010)\n\n - CVE-2018-1000076: Fixed improper verification of\n signatures in tarball allows to install mis-signed gem\n (bsc#1082009)\n\n - CVE-2018-1000074: Fixed unsafe Object Deserialization\n Vulnerability in gem owner allowing arbitrary code\n execution on specially crafted YAML (bsc#1082008)\n\n - CVE-2018-1000073: Fixed path traversal when writing to a\n symlinked basedir outside of the root (bsc#1082007)\n\nOther changes: Fixed Net::POPMail methods modify frozen literal when\nusing default arg\n\nruby: change over of the Japanese Era to the new emperor May 1st 2019\n(bsc#1133790)\n\nbuild with PIE support (bsc#1130028)\n\nChanges in ruby-bundled-gems-rpmhelper: Add a new helper for bundled\nruby gems.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087433\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087437\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112530\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17742/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000073/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000074/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000075/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000076/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000077/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000078/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000079/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16395/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16396/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-6914/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8777/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8778/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8779/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8780/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8320/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8321/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8322/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8323/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8324/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8325/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191804-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f388fbfb\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1804=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1804=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-1804=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-1804=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8320\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16395\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libruby2_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libruby2_5-2_5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-devel-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.5-stdlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libruby2_5-2_5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libruby2_5-2_5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-debugsource-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-devel-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-devel-extra-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-doc-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-stdlib-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ruby2.5-stdlib-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libruby2_5-2_5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libruby2_5-2_5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-debugsource-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-devel-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-devel-extra-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-doc-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-stdlib-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ruby2.5-stdlib-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libruby2_5-2_5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libruby2_5-2_5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-debugsource-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-devel-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-devel-extra-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-doc-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-stdlib-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ruby2.5-stdlib-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libruby2_5-2_5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libruby2_5-2_5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-debuginfo-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-debugsource-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-devel-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-devel-extra-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-doc-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-stdlib-2.5.5-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ruby2.5-stdlib-debuginfo-2.5.5-4.3.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby-bundled-gems-rpmhelper / ruby2.5\");\n}\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-03-01T14:24:53", "description": "This update for ruby2.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command (bsc#1043983).\n\nCVE-2016-7798: Fixed an IV Reuse in GCM Mode (bsc#1055265).\n\nCVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf (bsc#1058755).\n\nCVE-2017-0899: Fixed an issue with malicious gem specifications, insufficient sanitation when printing gem specifications could have included terminal characters (bsc#1056286).\n\nCVE-2017-0900: Fixed an issue with malicious gem specifications, the query command could have led to a denial of service attack against clients (bsc#1056286).\n\nCVE-2017-0901: Fixed an issue with malicious gem specifications, potentially overwriting arbitrary files on the client system (bsc#1056286).\n\nCVE-2017-0902: Fixed an issue with malicious gem specifications, that could have enabled MITM attacks against clients (bsc#1056286).\n\nCVE-2017-0903: Fixed an unsafe object deserialization vulnerability (bsc#1062452).\n\nCVE-2017-9228: Fixed a heap out-of-bounds write in bitset_set_range() during regex compilation (bsc#1069607).\n\nCVE-2017-9229: Fixed an invalid pointer dereference in left_adjust_char_head() in oniguruma (bsc#1069632).\n\nCVE-2017-10784: Fixed an escape sequence injection vulnerability in the Basic authentication of WEBrick (bsc#1058754).\n\nCVE-2017-14033: Fixed a buffer underrun vulnerability in OpenSSL ASN1 decode (bsc#1058757).\n\nCVE-2017-14064: Fixed an arbitrary memory exposure during a JSON.generate call (bsc#1056782).\n\nCVE-2017-17405: Fixed a command injection vulnerability in Net::FTP (bsc#1073002).\n\nCVE-2017-17742: Fixed an HTTP response splitting issue in WEBrick (bsc#1087434).\n\nCVE-2017-17790: Fixed a command injection in lib/resolv.rb:lazy_initialize() (bsc#1078782).\n\nCVE-2018-6914: Fixed an unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441).\n\nCVE-2018-8777: Fixed a potential DoS caused by large requests in WEBrick (bsc#1087436).\n\nCVE-2018-8778: Fixed a buffer under-read in String#unpack (bsc#1087433).\n\nCVE-2018-8779: Fixed an unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440).\n\nCVE-2018-8780: Fixed an unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437).\n\nCVE-2018-16395: Fixed an issue with OpenSSL::X509::Name equality checking (bsc#1112530).\n\nCVE-2018-16396: Fixed an issue with tainted string handling, where the flag was not propagated in Array#pack and String#unpack with some directives (bsc#1112532).\n\nCVE-2018-1000073: Fixed a path traversal issue (bsc#1082007).\n\nCVE-2018-1000074: Fixed an unsafe object deserialization vulnerability in gem owner, allowing arbitrary code execution with specially crafted YAML (bsc#1082008).\n\nCVE-2018-1000075: Fixed an infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014).\n\nCVE-2018-1000076: Fixed an improper verification of signatures in tarballs (bsc#1082009).\n\nCVE-2018-1000077: Fixed an improper URL validation in the homepage attribute of ruby gems (bsc#1082010).\n\nCVE-2018-1000078: Fixed a XSS vulnerability in the homepage attribute when displayed via gem server (bsc#1082011).\n\nCVE-2018-1000079: Fixed a path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058).\n\nCVE-2019-8320: Fixed a directory traversal issue when decompressing tar files (bsc#1130627).\n\nCVE-2019-8321: Fixed an escape sequence injection vulnerability in verbose (bsc#1130623).\n\nCVE-2019-8322: Fixed an escape sequence injection vulnerability in gem owner (bsc#1130622).\n\nCVE-2019-8323: Fixed an escape sequence injection vulnerability in API response handling (bsc#1130620).\n\nCVE-2019-8324: Fixed an issue with malicious gems that may have led to arbitrary code execution (bsc#1130617).\n\nCVE-2019-8325: Fixed an escape sequence injection vulnerability in errors (bsc#1130611).\n\nCVE-2019-15845: Fixed a NUL injection vulnerability in File.fnmatch and File.fnmatch? (bsc#1152994).\n\nCVE-2019-16201: Fixed a regular expression denial of service vulnerability in WEBrick's digest access authentication (bsc#1152995).\n\nCVE-2019-16254: Fixed an HTTP response splitting vulnerability in WEBrick (bsc#1152992).\n\nCVE-2019-16255: Fixed a code injection vulnerability in Shell#[] and Shell#test (bsc#1152990).\n\nCVE-2020-10663: Fixed an unsafe object creation vulnerability in JSON (bsc#1171517).\n\nNon-security issue fixed :\n\nAdd conflicts to libruby to make sure ruby and ruby-stdlib are also updated when libruby is updated (bsc#1048072).\n\nAlso yast2-ruby-bindings on SLES 12 SP2 LTSS was updated to handle the updated ruby interpreter. (bsc#1172275)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9096", "CVE-2016-2339", "CVE-2016-7798", "CVE-2017-0898", "CVE-2017-0899", "CVE-2017-0900", "CVE-2017-0901", "CVE-2017-0902", "CVE-2017-0903", "CVE-2017-10784", "CVE-2017-14033", "CVE-2017-14064", "CVE-2017-17405", "CVE-2017-17742", "CVE-2017-17790", "CVE-2017-9228", "CVE-2017-9229", "CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2019-15845", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325", "CVE-2020-10663"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libruby2_1", "p-cpe:/a:novell:suse_linux:libruby2_1-2_1-debuginfo", "p-cpe:/a:novell:suse_linux:ruby2.1", "p-cpe:/a:novell:suse_linux:ruby2.1-debuginfo", "p-cpe:/a:novell:suse_linux:ruby2.1-debugsource", "p-cpe:/a:novell:suse_linux:ruby2.1-stdlib", "p-cpe:/a:novell:suse_linux:ruby2.1-stdlib-debuginfo", "p-cpe:/a:novell:suse_linux:yast2-ruby-bindings", "p-cpe:/a:novell:suse_linux:yast2-ruby-bindings-debuginfo", "p-cpe:/a:novell:suse_linux:yast2-ruby-bindings-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1570-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137599", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1570-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137599);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2015-9096\",\n \"CVE-2016-2339\",\n \"CVE-2016-7798\",\n \"CVE-2017-0898\",\n \"CVE-2017-0899\",\n \"CVE-2017-0900\",\n \"CVE-2017-0901\",\n \"CVE-2017-0902\",\n \"CVE-2017-0903\",\n \"CVE-2017-9228\",\n \"CVE-2017-9229\",\n \"CVE-2017-10784\",\n \"CVE-2017-14033\",\n \"CVE-2017-14064\",\n \"CVE-2017-17405\",\n \"CVE-2017-17742\",\n \"CVE-2017-17790\",\n \"CVE-2018-6914\",\n \"CVE-2018-8777\",\n \"CVE-2018-8778\",\n \"CVE-2018-8779\",\n \"CVE-2018-8780\",\n \"CVE-2018-16395\",\n \"CVE-2018-16396\",\n \"CVE-2018-1000073\",\n \"CVE-2018-1000074\",\n \"CVE-2018-1000075\",\n \"CVE-2018-1000076\",\n \"CVE-2018-1000077\",\n \"CVE-2018-1000078\",\n \"CVE-2018-1000079\",\n \"CVE-2019-8320\",\n \"CVE-2019-8321\",\n \"CVE-2019-8322\",\n \"CVE-2019-8323\",\n \"CVE-2019-8324\",\n \"CVE-2019-8325\",\n \"CVE-2019-15845\",\n \"CVE-2019-16201\",\n \"CVE-2019-16254\",\n \"CVE-2019-16255\",\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for ruby2.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a\nRCPT TO or MAIL FROM command (bsc#1043983).\n\nCVE-2016-7798: Fixed an IV Reuse in GCM Mode (bsc#1055265).\n\nCVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf\n(bsc#1058755).\n\nCVE-2017-0899: Fixed an issue with malicious gem specifications,\ninsufficient sanitation when printing gem specifications could have\nincluded terminal characters (bsc#1056286).\n\nCVE-2017-0900: Fixed an issue with malicious gem specifications, the\nquery command could have led to a denial of service attack against\nclients (bsc#1056286).\n\nCVE-2017-0901: Fixed an issue with malicious gem specifications,\npotentially overwriting arbitrary files on the client system\n(bsc#1056286).\n\nCVE-2017-0902: Fixed an issue with malicious gem specifications, that\ncould have enabled MITM attacks against clients (bsc#1056286).\n\nCVE-2017-0903: Fixed an unsafe object deserialization vulnerability\n(bsc#1062452).\n\nCVE-2017-9228: Fixed a heap out-of-bounds write in bitset_set_range()\nduring regex compilation (bsc#1069607).\n\nCVE-2017-9229: Fixed an invalid pointer dereference in\nleft_adjust_char_head() in oniguruma (bsc#1069632).\n\nCVE-2017-10784: Fixed an escape sequence injection vulnerability in\nthe Basic authentication of WEBrick (bsc#1058754).\n\nCVE-2017-14033: Fixed a buffer underrun vulnerability in OpenSSL ASN1\ndecode (bsc#1058757).\n\nCVE-2017-14064: Fixed an arbitrary memory exposure during a\nJSON.generate call (bsc#1056782).\n\nCVE-2017-17405: Fixed a command injection vulnerability in Net::FTP\n(bsc#1073002).\n\nCVE-2017-17742: Fixed an HTTP response splitting issue in WEBrick\n(bsc#1087434).\n\nCVE-2017-17790: Fixed a command injection in\nlib/resolv.rb:lazy_initialize() (bsc#1078782).\n\nCVE-2018-6914: Fixed an unintentional file and directory creation with\ndirectory traversal in tempfile and tmpdir (bsc#1087441).\n\nCVE-2018-8777: Fixed a potential DoS caused by large requests in\nWEBrick (bsc#1087436).\n\nCVE-2018-8778: Fixed a buffer under-read in String#unpack\n(bsc#1087433).\n\nCVE-2018-8779: Fixed an unintentional socket creation by poisoned NUL\nbyte in UNIXServer and UNIXSocket (bsc#1087440).\n\nCVE-2018-8780: Fixed an unintentional directory traversal by poisoned\nNUL byte in Dir (bsc#1087437).\n\nCVE-2018-16395: Fixed an issue with OpenSSL::X509::Name equality\nchecking (bsc#1112530).\n\nCVE-2018-16396: Fixed an issue with tainted string handling, where the\nflag was not propagated in Array#pack and String#unpack with some\ndirectives (bsc#1112532).\n\nCVE-2018-1000073: Fixed a path traversal issue (bsc#1082007).\n\nCVE-2018-1000074: Fixed an unsafe object deserialization vulnerability\nin gem owner, allowing arbitrary code execution with specially crafted\nYAML (bsc#1082008).\n\nCVE-2018-1000075: Fixed an infinite loop vulnerability due to negative\nsize in tar header causes Denial of Service (bsc#1082014).\n\nCVE-2018-1000076: Fixed an improper verification of signatures in\ntarballs (bsc#1082009).\n\nCVE-2018-1000077: Fixed an improper URL validation in the homepage\nattribute of ruby gems (bsc#1082010).\n\nCVE-2018-1000078: Fixed a XSS vulnerability in the homepage attribute\nwhen displayed via gem server (bsc#1082011).\n\nCVE-2018-1000079: Fixed a path traversal issue during gem installation\nallows to write to arbitrary filesystem locations (bsc#1082058).\n\nCVE-2019-8320: Fixed a directory traversal issue when decompressing\ntar files (bsc#1130627).\n\nCVE-2019-8321: Fixed an escape sequence injection vulnerability in\nverbose (bsc#1130623).\n\nCVE-2019-8322: Fixed an escape sequence injection vulnerability in gem\nowner (bsc#1130622).\n\nCVE-2019-8323: Fixed an escape sequence injection vulnerability in API\nresponse handling (bsc#1130620).\n\nCVE-2019-8324: Fixed an issue with malicious gems that may have led to\narbitrary code execution (bsc#1130617).\n\nCVE-2019-8325: Fixed an escape sequence injection vulnerability in\nerrors (bsc#1130611).\n\nCVE-2019-15845: Fixed a NUL injection vulnerability in File.fnmatch\nand File.fnmatch? (bsc#1152994).\n\nCVE-2019-16201: Fixed a regular expression denial of service\nvulnerability in WEBrick's digest access authentication (bsc#1152995).\n\nCVE-2019-16254: Fixed an HTTP response splitting vulnerability in\nWEBrick (bsc#1152992).\n\nCVE-2019-16255: Fixed a code injection vulnerability in Shell#[] and\nShell#test (bsc#1152990).\n\nCVE-2020-10663: Fixed an unsafe object creation vulnerability in JSON\n(bsc#1171517).\n\nNon-security issue fixed :\n\nAdd conflicts to libruby to make sure ruby and ruby-stdlib are also\nupdated when libruby is updated (bsc#1048072).\n\nAlso yast2-ruby-bindings on SLES 12 SP2 LTSS was updated to handle the\nupdated ruby interpreter. (bsc#1172275)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1043983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055265\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1062452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1069607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1069632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087433\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087437\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112530\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-9096/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-2339/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-7798/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0898/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0899/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0900/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0901/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0902/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0903/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-10784/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-14033/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-14064/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17405/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17742/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-9228/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-9229/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000073/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000074/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000075/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000076/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000077/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000078/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1000079/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16395/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16396/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-6914/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8777/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8778/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8779/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8780/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15845/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16201/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16254/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16255/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8320/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8321/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8322/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8323/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8324/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8325/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10663/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201570-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d525cde\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1570=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1570=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1570=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1570=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1570=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1570=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1570=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1570=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1570=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1570=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-17405\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16395\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libruby2_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libruby2_1-2_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.1-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ruby2.1-stdlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:yast2-ruby-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:yast2-ruby-bindings-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:yast2-ruby-bindings-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libruby2_1-2_1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libruby2_1-2_1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ruby2.1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ruby2.1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ruby2.1-debugsource-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ruby2.1-stdlib-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ruby2.1-stdlib-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libruby2_1-2_1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libruby2_1-2_1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ruby2.1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ruby2.1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ruby2.1-debugsource-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ruby2.1-stdlib-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ruby2.1-stdlib-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libruby2_1-2_1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libruby2_1-2_1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ruby2.1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ruby2.1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ruby2.1-debugsource-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ruby2.1-stdlib-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ruby2.1-stdlib-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"yast2-ruby-bindings-3.1.53-9.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"yast2-ruby-bindings-debuginfo-3.1.53-9.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"yast2-ruby-bindings-debugsource-3.1.53-9.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libruby2_1-2_1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libruby2_1-2_1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"ruby2.1-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"ruby2.1-debuginfo-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"ruby2.1-debugsource-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"ruby2.1-stdlib-2.1.9-19.3.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"ruby2.1-stdlib-debuginfo-2.1.9-19.3.2\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby2.1\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-06-21T14:43:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-22T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2019:1235 centos7 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8325", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2019-06-21T00:00:00", "id": "OPENVAS:1361412562310883057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883057", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883057\");\n script_version(\"2019-06-21T07:26:45+0000\");\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-21 07:26:45 +0000 (Fri, 21 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-22 02:00:38 +0000 (Wed, 22 May 2019)\");\n script_name(\"CentOS Update for ruby CESA-2019:1235 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:1235\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-May/023315.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the CESA-2019:1235 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n * rubygems: Installing a malicious gem may lead to arbitrary code execution\n(CVE-2019-8324)\n\n * rubygems: Escape sequence injection vulnerability in gem owner\n(CVE-2019-8322)\n\n * rubygems: Escape sequence injection vulnerability in API response\nhandling (CVE-2019-8323)\n\n * rubygems: Escape sequence injection vulnerability in errors\n(CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-minitest\", rpm:\"rubygem-minitest~4.3.2~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rake\", rpm:\"rubygem-rake~0.9.6~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14.1~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems-devel\", rpm:\"rubygems-devel~2.0.14.1~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~2.0.0.648~35.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:59", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1597)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8325", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191597", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191597", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1597\");\n script_version(\"2020-01-23T12:16:40+0000\");\n script_cve_id(\"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:16:40 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:16:40 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1597)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1597\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1597\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2019-1597 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nrubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\nrubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\nrubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h13.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h13.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h13.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:24:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-02T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for ruby2.1 (DLA-1735-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891735", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891735", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891735\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-02 20:00:00 +0000 (Tue, 02 Apr 2019)\");\n script_name(\"Debian LTS: Security Advisory for ruby2.1 (DLA-1735-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00037.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1735-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby2.1'\n package(s) announced via the DLA-1735-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in rubygems embedded in\nruby2.1, the interpreted scripting language.\n\nCVE-2019-8320\n\nA Directory Traversal issue was discovered in RubyGems. Before\nmaking new directories or touching files (which now include\npath-checking code for symlinks), it would delete the target\ndestination.\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response\ndirectly to stdout. Therefore, if the response is crafted, escape\nsequence injection may occur.\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line\nof gemspec, which is eval-ed by code in ensure_loadable_spec during\nthe preinstall check.\n\nCVE-2019-8325\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2.\nSince Gem::CommandManager#run calls alert_error without escaping,\nescape sequence injection is possible. (There are many ways to cause\nan error.)\");\n\n script_tag(name:\"affected\", value:\"'ruby2.1' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.1.5-2+deb8u7.\n\nWe recommend that you upgrade your ruby2.1 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libruby2.1\", ver:\"2.1.5-2+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1\", ver:\"2.1.5-2+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-dev\", ver:\"2.1.5-2+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-doc\", ver:\"2.1.5-2+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-tcltk\", ver:\"2.1.5-2+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2019-06-21T14:43:09", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-05-10T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2019-feac6674b7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2019-06-21T00:00:00", "id": "OPENVAS:1361412562310876346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876346", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876346\");\n script_version(\"2019-06-21T07:26:45+0000\");\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\",\n \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-21 07:26:45 +0000 (Fri, 21 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-10 02:11:44 +0000 (Fri, 10 May 2019)\");\n script_name(\"Fedora Update for ruby FEDORA-2019-feac6674b7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-feac6674b7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WUFHAULLX3OK2O3CMJLJL6KKISCNX3J5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'ruby' package(s) announced via the FEDORA-2019-feac6674b7 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ruby is the interpreted scripting language\n for quick and easy object-oriented programming. It has many features to process\n text files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.5~108.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:40", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1617)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16395", "CVE-2019-8325", "CVE-2018-16396", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191617", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191617", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1617\");\n script_version(\"2020-01-23T14:23:06+0000\");\n script_cve_id(\"CVE-2018-16395\", \"CVE-2018-16396\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 14:23:06 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:17:30 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1617)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1617\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1617\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2019-1617 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.(CVE-2018-16395)\n\nAn issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.(CVE-2018-16396)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.(CVE-2019-8322)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.(CVE-2019-8323)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.(CVE-2019-8324)\n\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)(CVE-2019-8325)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14.1~33.h13\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:40:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1718)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16395", "CVE-2019-8325", "CVE-2018-16396", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191718", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191718", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1718\");\n script_version(\"2020-01-23T12:20:42+0000\");\n script_cve_id(\"CVE-2018-16395\", \"CVE-2018-16396\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:20:42 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:20:42 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1718)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1718\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1718\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2019-1718 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nrubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\nrubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\nrubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-21T14:43:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4433-1 (ruby2.3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2019-06-21T00:00:00", "id": "OPENVAS:1361412562310704433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704433", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704433\");\n script_version(\"2019-06-21T07:26:45+0000\");\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-21 07:26:45 +0000 (Fri, 21 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-18 02:00:08 +0000 (Thu, 18 Apr 2019)\");\n script_name(\"Debian Security Advisory DSA 4433-1 (ruby2.3 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4433.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4433-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby2.3'\n package(s) announced via the DSA-4433-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Rubygems included in\nthe interpreter for the Ruby language, which may result in denial of\nservice or the execution of arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'ruby2.3' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.3.3-1+deb9u6.\n\nWe recommend that you upgrade your ruby2.3 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libruby2.3\", ver:\"2.3.3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.3\", ver:\"2.3.3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.3-dev\", ver:\"2.3.3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.3-doc\", ver:\"2.3.3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.3-tcltk\", ver:\"2.3.3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2019-06-21T14:43:42", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-04-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby2.5 USN-3945-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2019-06-21T00:00:00", "id": "OPENVAS:1361412562310843974", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843974", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843974\");\n script_version(\"2019-06-21T07:26:45+0000\");\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\",\n \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-21 07:26:45 +0000 (Fri, 21 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-12 02:00:22 +0000 (Fri, 12 Apr 2019)\");\n script_name(\"Ubuntu Update for ruby2.5 USN-3945-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU14\\.04 LTS|UBUNTU18\\.04 LTS|UBUNTU18\\.10|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3945-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3945-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'ruby2.5' package(s) announced via the USN-3945-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version\n is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that Ruby incorrectly\nhandled certain RubyGems.\nAn attacker could possibly use this issue to execute arbitrary\ncommands. (CVE-2019-8320)\n\nIt was discovered that Ruby incorrectly handled certain inputs.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)\");\n\n script_tag(name:\"affected\", value:\"'ruby2.5' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU14.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.484-2ubuntu1.14\", rls:\"UBUNTU14.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libruby2.0\", ver:\"2.0.0.484-1ubuntu2.13\", rls:\"UBUNTU14.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.484-2ubuntu1.14\", rls:\"UBUNTU14.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby1.9.3\", ver:\"1.9.3.484-2ubuntu1.14\", rls:\"UBUNTU14.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby2.0\", ver:\"2.0.0.484-1ubuntu2.13\", rls:\"UBUNTU14.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libruby2.5\", ver:\"2.5.1-1ubuntu1.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby2.5\", ver:\"2.5.1-1ubuntu1.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libruby2.5\", ver:\"2.5.1-5ubuntu4.3\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby2.5\", ver:\"2.5.1-5ubuntu4.3\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libruby2.3\", ver:\"2.3.1-2~16.04.12\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"ruby2.3\", ver:\"2.3.1-2~16.04.12\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2019-06-21T14:42:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2019-a155364f3c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2019-06-21T00:00:00", "id": "OPENVAS:1361412562310876000", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876000", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876000\");\n script_version(\"2019-06-21T07:26:45+0000\");\n script_cve_id(\"CVE-2019-8320\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-21 07:26:45 +0000 (Fri, 21 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:31:07 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for ruby FEDORA-2019-a155364f3c\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a155364f3c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3V4CAKK4UMS7K7U653RJ4XBOM4CFP7O\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the FEDORA-2019-a155364f3c advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ruby is the interpreted scripting language for quick and easy\nobject-oriented programming. It has many features to process text\nfiles and to do system management tasks (as in Perl). It is simple,\nstraight-forward, and extensible.\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.5~101.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2020-01-29T19:25:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jruby (DLA-1796-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000078", "CVE-2018-1000075", "CVE-2019-8325", "CVE-2018-1000076", "CVE-2018-1000074", "CVE-2019-8321", "CVE-2019-8323", "CVE-2018-1000077", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891796", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891796", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891796\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-1000074\", \"CVE-2018-1000075\", \"CVE-2018-1000076\", \"CVE-2018-1000077\", \"CVE-2018-1000078\", \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\", \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-21 02:00:23 +0000 (Tue, 21 May 2019)\");\n script_name(\"Debian LTS: Security Advisory for jruby (DLA-1796-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1796-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/895778\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/925987\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jruby'\n package(s) announced via the DLA-1796-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in jruby, Java\nimplementation of the Ruby programming language.\n\nCVE-2018-1000074\n\nDeserialization of Untrusted Data vulnerability in owner command\nthat can result in code execution. This attack appear to be\nexploitable via victim must run the `gem owner` command on a gem\nwith a specially crafted YAML file\n\nCVE-2018-1000075\n\nan infinite loop caused by negative size vulnerability in ruby gem\npackage tar header that can result in a negative size could cause an\ninfinite loop\n\nCVE-2018-1000076\n\nImproper Verification of Cryptographic Signature vulnerability in\npackage.rb that can result in a mis-signed gem could be installed,\nas the tarball would contain multiple gem signatures.\n\nCVE-2018-1000077\n\nImproper Input Validation vulnerability in ruby gems specification\nhomepage attribute that can result in a malicious gem could set an\ninvalid homepage URL\n\nCVE-2018-1000078\n\nCross Site Scripting (XSS) vulnerability in gem server display of\nhomepage attribute that can result in XSS. This attack appear to be\nexploitable via the victim must browse to a malicious gem on a\nvulnerable gem server\n\nCVE-2019-8321\n\nGem::UserInteraction#verbose calls say without escaping, escape\nsequence injection is possible\n\nCVE-2019-8322\n\nThe gem owner command outputs the contents of the API response\ndirectly to stdout. Therefore, if the response is crafted, escape\nsequence injection may occur\n\nCVE-2019-8323\n\nGem::GemcutterUtilities#with_response may output the API response to\nstdout as it is. Therefore, if the API side modifies the response,\nescape sequence injection may occur.\n\nCVE-2019-8324\n\nA crafted gem with a multi-line name is not handled correctly.\nTherefore, an attacker could inject arbitrary code to the stub line\nof gemspec\n\nCVE-2019-8325\n\nGem::CommandManager#run calls alert_error without escaping, escape\nsequence injection is possible. (There are many ways to cause an\nerror.)\");\n\n script_tag(name:\"affected\", value:\"'jruby' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.5.6-9+deb8u1.\n\nWe recommend that you upgrade your jruby packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"jruby\", ver:\"1.5.6-9+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:47:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for ruby-bundled-gems-rpmhelper, ruby2.5 (openSUSE-SU-2019:1771-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8778", "CVE-2017-17742", "CVE-2018-1000073", "CVE-2018-8780", "CVE-2018-1000078", "CVE-2018-16395", "CVE-2018-1000075", "CVE-2019-8320", "CVE-2019-8325", "CVE-2018-1000076", "CVE-2018-16396", "CVE-2018-1000074", "CVE-2019-8321", "CVE-2018-8777", "CVE-2019-8323", "CVE-2018-8779", "CVE-2018-1000077", "CVE-2018-1000079", "CVE-2018-6914", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852623", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852623\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-17742\", \"CVE-2018-1000073\", \"CVE-2018-1000074\", \"CVE-2018-1000075\",\n \"CVE-2018-1000076\", \"CVE-2018-1000077\", \"CVE-2018-1000078\", \"CVE-2018-1000079\",\n \"CVE-2018-16395\", \"CVE-2018-16396\", \"CVE-2018-6914\", \"CVE-2018-8777\",\n \"CVE-2018-8778\", \"CVE-2018-8779\", \"CVE-2018-8780\", \"CVE-2019-8320\",\n \"CVE-2019-8321\", \"CVE-2019-8322\", \"CVE-2019-8323\", \"CVE-2019-8324\",\n \"CVE-2019-8325\");\n script_tag(name:\"cvss_base\", value:\"8.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-22 02:00:43 +0000 (Mon, 22 Jul 2019)\");\n script_name(\"openSUSE: Security Advisory for ruby-bundled-gems-rpmhelper, ruby2.5 (openSUSE-SU-2019:1771-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1771-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby-bundled-gems-rpmhelper, ruby2.5'\n package(s) announced via the openSUSE-SU-2019:1771-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the\n following issues:\n\n Security issues fixed:\n\n - CVE-2019-8320: Delete directory using symlink when decompressing tar\n (bsc#1130627)\n\n - CVE-2019-8321: Escape sequence injection vulnerability in verbose\n (bsc#1130623)\n\n - CVE-2019-8322: Escape sequence injection vulnerability in gem\n owner (bsc#1130622)\n\n - CVE-2019-8323: Escape sequence injection vulnerability in API response\n handling (bsc#1130620)\n\n - CVE-2019-8324: Installing a malicious gem may lead to arbitrary code\n execution (bsc#1130617)\n\n - CVE-2019-8325: Escape sequence injection vulnerability in errors\n (bsc#1130611)\n\n\n Ruby 2.5 was updated to 2.5.3:\n\n This release includes some bug fixes and some security fixes.\n\n Security issues fixed:\n\n - CVE-2018-16396: Tainted flags are not propagated in Array#pack and\n String#unpack with some directives (bsc#1112532)\n\n - CVE-2018-16395: OpenSSL::X509::Name equality check does not work\n correctly (bsc#1112530)\n\n Ruby 2.5 was updated to 2.5.1:\n\n This release includes some bug fixes and some security fixes.\n\n Security issues fixed:\n\n - CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)\n\n - CVE-2018-6914: Unintentional file and directory creation with directory\n traversal in tempfile and tmpdir (bsc#1087441)\n\n - CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)\n\n - CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)\n\n - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in\n UNIXServer and UNIXSocket (bsc#1087440)\n\n - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in\n Dir (bsc#1087437)\n\n - Multiple vulnerabilities in RubyGems were fixed:\n\n - CVE-2018-1000079: Fixed path traversal issue during gem installation\n allows to write to arbitrary filesystem locations (bsc#1082058)\n\n - CVE-2018-1000075: Fixed infinite loop vulnerability due to negative\n size in tar header causes Denial of Service (bsc#1082014)\n\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when\n displayed via gem server (bsc#1082011)\n\n - CVE-2018-1000077: Fixed that missing URL validation on spec home\n attribute allows malicious gem to set an invalid homepa ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ruby-bundled-gems-rpmhelper, ' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-bundled-gems-rpmhelper\", rpm:\"ruby-bundled-gems-rpmhelper~0.0.2~lp150.2.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-doc-ri\", rpm:\"ruby2.5-doc-ri~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libruby2_5-2_5\", rpm:\"libruby2_5-2_5~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libruby2_5-2_5-debuginfo\", rpm:\"libruby2_5-2_5-debuginfo~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5\", rpm:\"ruby2.5~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-debuginfo\", rpm:\"ruby2.5-debuginfo~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-debugsource\", rpm:\"ruby2.5-debugsource~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-devel\", rpm:\"ruby2.5-devel~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-devel-extra\", rpm:\"ruby2.5-devel-extra~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-doc\", rpm:\"ruby2.5-doc~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby2.5-stdlib\", rpm:\"ruby2.5-stdlib~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"uby2.5-stdlib-debuginfo\", rpm:\"uby2.5-stdlib-debuginfo~2.5.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:32", "description": "[2.0.0.648-35]\n- Introduce method as precondition to fix\n CVE-2019-8321.\n * rubygems-2.3.0-refactor-checking-really_verbose.patch\n- Fix escape sequence injection vulnerability in verbose.\n- Fix escape sequence injection vulnerability in gem owner.\n- Fix escape sequence injection vulnerability in API response handling.\n- Prohibit arbitrary code execution when installing a malicious gem.\n- Fix escape sequence injection vulnerability in errors.\n * ruby-2.4.6-Applied-security-patches-for-RubyGems.patch\n Resolves: rhbz#1699283\n[2.0.0.648-35]\n- Refresh expired certificates.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-16T00:00:00", "type": "oraclelinux", "title": "ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-16T00:00:00", "id": "ELSA-2019-1235", "href": "http://linux.oracle.com/errata/ELSA-2019-1235.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:54", "description": "ruby\n[2.5.3-104]\n- Prohibit arbitrary code execution when installing a malicious gem.\n Resolves: CVE-2019-8324\nrubygem-mongo\n[2.5.1-2]\n- Disable tests to fix FTBFS by dropped MongoDB module.\n Resolves: rhbz#1710863\nrubygem-pg\n[1.0.0-2]\n- Assign a random testing port.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-05T00:00:00", "type": "oraclelinux", "title": "ruby:2.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-08-05T00:00:00", "id": "ELSA-2019-1972", "href": "http://linux.oracle.com/errata/ELSA-2019-1972.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:58", "description": "[2.0.0.648-36]\n- Introduce 'Gem::UserInteraction#verbose' method as precondition to fix\n CVE-2019-8321.\n * rubygems-2.3.0-refactor-checking-really_verbose.patch\n- Fix escape sequence injection vulnerability in verbose.\n- Fix escape sequence injection vulnerability in gem owner.\n Resolves: CVE-2019-8322\n- Fix escape sequence injection vulnerability in API response handling.\n Resolves: CVE-2019-8323\n- Prohibit arbitrary code execution when installing a malicious gem.\n Resolves: CVE-2019-8324\n- Fix escape sequence injection vulnerability in errors.\n Resolves: CVE-2019-8325\n * ruby-2.4.6-Applied-security-patches-for-RubyGems.patch", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2018-16396", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2028", "href": "http://linux.oracle.com/errata/ELSA-2019-2028.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T04:41:29", "description": "**CentOS Errata and Security Advisory** CESA-2019:1235\n\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2019-May/072790.html\n\n**Affected packages:**\nruby\nruby-devel\nruby-doc\nruby-irb\nruby-libs\nruby-tcltk\nrubygem-bigdecimal\nrubygem-io-console\nrubygem-json\nrubygem-minitest\nrubygem-psych\nrubygem-rake\nrubygem-rdoc\nrubygems\nrubygems-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2019:1235", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-05-21T21:25:00", "type": "centos", "title": "ruby, rubygem, rubygems security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-21T21:25:00", "id": "CESA-2019:1235", "href": "https://lists.centos.org/pipermail/centos-announce/2019-May/072790.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:40:30", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-15T17:11:12", "type": "redhat", "title": "(RHSA-2019:1235) Important: ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-06-03T12:20:56", "id": "RHSA-2019:1235", "href": "https://access.redhat.com/errata/RHSA-2019:1235", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:16", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives (CVE-2018-16396)\n\n* rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-06-30T11:41:17", "type": "redhat", "title": "(RHSA-2020:2769) Important: ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16396", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-06-30T11:52:04", "id": "RHSA-2020:2769", "href": "https://access.redhat.com/errata/RHSA-2020:2769", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:01", "description": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320)\n\n* rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-06-11T05:28:05", "type": "redhat", "title": "(RHSA-2019:1429) Important: CloudForms 4.7.5 security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-06-11T05:30:42", "id": "RHSA-2019:1429", "href": "https://access.redhat.com/errata/RHSA-2019:1429", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-10-19T20:36:07", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nThe following packages have been upgraded to a later upstream version: rh-ruby25-ruby (2.5.5). (BZ#1700274)\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320)\n\n* rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T08:37:41", "type": "redhat", "title": "(RHSA-2019:1148) Important: rh-ruby25-ruby security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-13T08:53:03", "id": "RHSA-2019:1148", "href": "https://access.redhat.com/errata/RHSA-2019:1148", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-10-19T20:37:28", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nThe following packages have been upgraded to a later upstream version: rh-ruby24-ruby (2.4.6). (BZ#1700275)\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\n* rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320)\n\n* rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321)\n\n* rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322)\n\n* rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323)\n\n* rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T09:00:24", "type": "redhat", "title": "(RHSA-2019:1150) Important: rh-ruby24-ruby security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-13T09:10:06", "id": "RHSA-2019:1150", "href": "https://access.redhat.com/errata/RHSA-2019:1150", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-10-19T20:37:38", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-07-30T11:16:25", "type": "redhat", "title": "(RHSA-2019:1972) Important: ruby:2.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-08-07T15:20:59", "id": "RHSA-2019:1972", "href": "https://access.redhat.com/errata/RHSA-2019:1972", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:36:08", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T09:02:13", "type": "redhat", "title": "(RHSA-2019:1151) Important: rh-ruby23-ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-05-13T09:13:19", "id": "RHSA-2019:1151", "href": "https://access.redhat.com/errata/RHSA-2019:1151", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-12-17T15:15:13", "description": "Package : ruby2.1\nVersion : 2.1.5-2+deb8u7\nCVE ID : CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324\n CVE-2019-8325\n\n\nSeveral vulnerabilities have been discovered in rubygems embedded in\nruby2.1, the interpreted scripting language.\n\nCVE-2019-8320\n\n A Directory Traversal issue was discovered in RubyGems. Before\n making new directories or touching files (which now include\n path-checking code for symlinks), it would delete the target\n destination.\n\nCVE-2019-8322\n\n The gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur.\n\nCVE-2019-8323\n\n Gem::GemcutterUtilities#with_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n\nCVE-2019-8324\n\n A crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec, which is eval-ed by code in ensure_loadable_spec during\n the preinstall check.\n\nCVE-2019-8325\n\n An issue was discovered in RubyGems 2.6 and later through 3.0.2.\n Since Gem::CommandManager#run calls alert_error without escaping,\n escape sequence injection is possible. (There are many ways to cause\n an error.)\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n2.1.5-2+deb8u7.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-03-29T08:53:04", "type": "debian", "title": "[SECURITY] [DLA 1735-1] ruby2.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-03-29T08:53:04", "id": "DEBIAN:DLA-1735-1:A1848", "href": "https://lists.debian.org/debian-lts-announce/2019/03/msg00037.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-10-22T12:29:40", "description": "Package : ruby2.1\nVersion : 2.1.5-2+deb8u7\nCVE ID : CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324\n CVE-2019-8325\n\n\nSeveral vulnerabilities have been discovered in rubygems embedded in\nruby2.1, the interpreted scripting language.\n\nCVE-2019-8320\n\n A Directory Traversal issue was discovered in RubyGems. Before\n making new directories or touching files (which now include\n path-checking code for symlinks), it would delete the target\n destination.\n\nCVE-2019-8322\n\n The gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur.\n\nCVE-2019-8323\n\n Gem::GemcutterUtilities#with_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n\nCVE-2019-8324\n\n A crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec, which is eval-ed by code in ensure_loadable_spec during\n the preinstall check.\n\nCVE-2019-8325\n\n An issue was discovered in RubyGems 2.6 and later through 3.0.2.\n Since Gem::CommandManager#run calls alert_error without escaping,\n escape sequence injection is possible. (There are many ways to cause\n an error.)\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n2.1.5-2+deb8u7.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-03-29T08:53:04", "type": "debian", "title": "[SECURITY] [DLA 1735-1] ruby2.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-03-29T08:53:04", "id": "DEBIAN:DLA-1735-1:BFB49", "href": "https://lists.debian.org/debian-lts-announce/2019/03/msg00037.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2022-02-19T00:08:31", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4433-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 16, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ruby2.3\nCVE ID : CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 \n CVE-2019-8324 CVE-2019-8325\n\nSeveral vulnerabilities have been discovered in the Rubygems included in\nthe interpreter for the Ruby language, which may result in denial of\nservice or the execution of arbitrary code.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.3.3-1+deb9u6.\n\nWe recommend that you upgrade your ruby2.3 packages.\n\nFor the detailed security status of ruby2.3 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/ruby2.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-04-16T20:57:32", "type": "debian", "title": "[SECURITY] [DSA 4433-1] ruby2.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-04-16T20:57:32", "id": "DEBIAN:DSA-4433-1:2DFCF", "href": "https://lists.debian.org/debian-security-announce/2019/msg00077.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-10-22T12:14:40", "description": "Package : jruby\nVersion : 1.5.6-9+deb8u1\nCVE ID : CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076\n CVE-2018-1000077 CVE-2018-1000078 CVE-2019-8321\n CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\nDebian Bug : 895778 925987\n\n\nMultiple vulnerabilities have been discovered in jruby, Java\nimplementation of the Ruby programming language.\n\nCVE-2018-1000074\n\n Deserialization of Untrusted Data vulnerability in owner command\n that can result in code execution. This attack appear to be\n exploitable via victim must run the `gem owner` command on a gem\n with a specially crafted YAML file\n\nCVE-2018-1000075\n\n an infinite loop caused by negative size vulnerability in ruby gem\n package tar header that can result in a negative size could cause an\n infinite loop\n\nCVE-2018-1000076\n\n Improper Verification of Cryptographic Signature vulnerability in\n package.rb that can result in a mis-signed gem could be installed,\n as the tarball would contain multiple gem signatures.\n\nCVE-2018-1000077\n\n Improper Input Validation vulnerability in ruby gems specification\n homepage attribute that can result in a malicious gem could set an\n invalid homepage URL\n\nCVE-2018-1000078\n\n Cross Site Scripting (XSS) vulnerability in gem server display of\n homepage attribute that can result in XSS. This attack appear to be\n exploitable via the victim must browse to a malicious gem on a\n vulnerable gem server\n\nCVE-2019-8321\n\n Gem::UserInteraction#verbose calls say without escaping, escape\n sequence injection is possible\n\nCVE-2019-8322\n\n The gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur\n\nCVE-2019-8323\n\n Gem::GemcutterUtilities#with_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n\nCVE-2019-8324\n\n A crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec\n\nCVE-2019-8325\n\n Gem::CommandManager#run calls alert_error without escaping, escape\n sequence injection is possible. (There are many ways to cause an\n error.)\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.5.6-9+deb8u1.\n\nWe recommend that you upgrade your jruby packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-20T11:06:55", "type": "debian", "title": "[SECURITY] [DLA 1796-1] jruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-20T11:06:55", "id": "DEBIAN:DLA-1796-1:396E7", "href": "https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-28T11:27:21", "description": "Package : jruby\nVersion : 1.5.6-9+deb8u1\nCVE ID : CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076\n CVE-2018-1000077 CVE-2018-1000078 CVE-2019-8321\n CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325\nDebian Bug : 895778 925987\n\n\nMultiple vulnerabilities have been discovered in jruby, Java\nimplementation of the Ruby programming language.\n\nCVE-2018-1000074\n\n Deserialization of Untrusted Data vulnerability in owner command\n that can result in code execution. This attack appear to be\n exploitable via victim must run the `gem owner` command on a gem\n with a specially crafted YAML file\n\nCVE-2018-1000075\n\n an infinite loop caused by negative size vulnerability in ruby gem\n package tar header that can result in a negative size could cause an\n infinite loop\n\nCVE-2018-1000076\n\n Improper Verification of Cryptographic Signature vulnerability in\n package.rb that can result in a mis-signed gem could be installed,\n as the tarball would contain multiple gem signatures.\n\nCVE-2018-1000077\n\n Improper Input Validation vulnerability in ruby gems specification\n homepage attribute that can result in a malicious gem could set an\n invalid homepage URL\n\nCVE-2018-1000078\n\n Cross Site Scripting (XSS) vulnerability in gem server display of\n homepage attribute that can result in XSS. This attack appear to be\n exploitable via the victim must browse to a malicious gem on a\n vulnerable gem server\n\nCVE-2019-8321\n\n Gem::UserInteraction#verbose calls say without escaping, escape\n sequence injection is possible\n\nCVE-2019-8322\n\n The gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur\n\nCVE-2019-8323\n\n Gem::GemcutterUtilities#with_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n\nCVE-2019-8324\n\n A crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec\n\nCVE-2019-8325\n\n Gem::CommandManager#run calls alert_error without escaping, escape\n sequence injection is possible. (There are many ways to cause an\n error.)\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.5.6-9+deb8u1.\n\nWe recommend that you upgrade your jruby packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-20T11:06:55", "type": "debian", "title": "[SECURITY] [DLA 1796-1] jruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-20T11:06:55", "id": "DEBIAN:DLA-1796-1:B8D0E", "href": "https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T11:05:50", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2330-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ \nAugust 16, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : jruby\nVersion : 1.7.26-1+deb9u2\nCVE ID : CVE-2017-17742 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 \n CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2019-16201 \n CVE-2019-16254 CVE-2019-16255\nDebian Bug : 925987\n\nSeveral vulnerabilities were fixed in JRuby,\na 100% pure-Java implementation of Ruby.\n\nCVE-2017-17742\nCVE-2019-16254\n\n HTTP Response Splitting attacks in the HTTP server of WEBrick.\n\nCVE-2019-16201\n\n Regular Expression Denial of Service vulnerability of WEBrick's \n Digest access authentication.\n\nCVE-2019-8320\n\n Delete directory using symlink when decompressing tar.\n\nCVE-2019-8321\n\n Escape sequence injection vulnerability in verbose.\n\nCVE-2019-8322\n\n Escape sequence injection vulnerability in gem owner.\n\nCVE-2019-8323\n\n Escape sequence injection vulnerability in API response handling.\n\nCVE-2019-8324\n\n Installing a malicious gem may lead to arbitrary code execution.\n\nCVE-2019-8325\n\n Escape sequence injection vulnerability in errors.\n\nCVE-2019-16255\n\n Code injection vulnerability of Shell#[] and Shell#test.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.7.26-1+deb9u2.\n\nWe recommend that you upgrade your jruby packages.\n\nFor the detailed security status of jruby please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jruby\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-16T13:13:11", "type": "debian", "title": "[SECURITY] [DLA 2330-1] jruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-08-16T13:13:11", "id": "DEBIAN:DLA-2330-1:B8DE4", "href": "https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-05T05:18:28", "description": "\nSeveral vulnerabilities have been discovered in rubygems embedded in\nruby2.1, the interpreted scripting language.\n\n\n* [CVE-2019-8320](https://security-tracker.debian.org/tracker/CVE-2019-8320)\nA Directory Traversal issue was discovered in RubyGems. Before\n making new directories or touching files (which now include\n path-checking code for symlinks), it would delete the target\n destination.\n* [CVE-2019-8322](https://security-tracker.debian.org/tracker/CVE-2019-8322)\nThe gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur.\n* [CVE-2019-8323](https://security-tracker.debian.org/tracker/CVE-2019-8323)\nGem::GemcutterUtilities#with\\_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n* [CVE-2019-8324](https://security-tracker.debian.org/tracker/CVE-2019-8324)\nA crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec, which is eval-ed by code in ensure\\_loadable\\_spec during\n the preinstall check.\n* [CVE-2019-8325](https://security-tracker.debian.org/tracker/CVE-2019-8325)\nAn issue was discovered in RubyGems 2.6 and later through 3.0.2.\n Since Gem::CommandManager#run calls alert\\_error without escaping,\n escape sequence injection is possible. (There are many ways to cause\n an error.)\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n2.1.5-2+deb8u7.\n\n\nWe recommend that you upgrade your ruby2.1 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-03-29T00:00:00", "type": "osv", "title": "ruby2.1 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2022-08-05T05:18:25", "id": "OSV:DLA-1735-1", "href": "https://osv.dev/vulnerability/DLA-1735-1", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2022-08-10T07:14:29", "description": "\nSeveral vulnerabilities have been discovered in the Rubygems included in\nthe interpreter for the Ruby language, which may result in denial of\nservice or the execution of arbitrary code.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.3.3-1+deb9u6.\n\n\nWe recommend that you upgrade your ruby2.3 packages.\n\n\nFor the detailed security status of ruby2.3 please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/ruby2.3](https://security-tracker.debian.org/tracker/ruby2.3)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-04-16T00:00:00", "type": "osv", "title": "ruby2.3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2022-08-10T07:14:25", "id": "OSV:DSA-4433-1", "href": "https://osv.dev/vulnerability/DSA-4433-1", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2022-08-05T05:18:53", "description": "\nBrief introduction\n\n\n* [CVE-2017-17742](https://security-tracker.debian.org/tracker/CVE-2017-17742)\nResponse Splitting attack in the HTTP server of WEBrick.\n* [CVE-2019-8320](https://security-tracker.debian.org/tracker/CVE-2019-8320)\nDelete directory using symlink when decompressing tar.\n* [CVE-2019-8321](https://security-tracker.debian.org/tracker/CVE-2019-8321)\nEscape sequence injection vulnerability in verbose.\n* [CVE-2019-8322](https://security-tracker.debian.org/tracker/CVE-2019-8322)\nEscape sequence injection vulnerability in gem owner.\n* [CVE-2019-8323](https://security-tracker.debian.org/tracker/CVE-2019-8323)\nEscape sequence injection vulnerability in API response handling.\n* [CVE-2019-8324](https://security-tracker.debian.org/tracker/CVE-2019-8324)\nInstalling a malicious gem may lead to arbitrary code execution.\n* [CVE-2019-8325](https://security-tracker.debian.org/tracker/CVE-2019-8325)\nEscape sequence injection vulnerability in errors.\n* [CVE-2019-16201](https://security-tracker.debian.org/tracker/CVE-2019-16201)\nRegular Expression Denial of Service vulnerability of WEBrick's Digest access authentication.\n* [CVE-2019-16254](https://security-tracker.debian.org/tracker/CVE-2019-16254)\nHTTP Response Splitting attack in the HTTP server of WEBrick.\n* [CVE-2019-16255](https://security-tracker.debian.org/tracker/CVE-2019-16255)\nCode injection vulnerability.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.7.26-1+deb9u2.\n\n\nWe recommend that you upgrade your jruby packages.\n\n\nFor the detailed security status of jruby please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/jruby>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-16T00:00:00", "type": "osv", "title": "jruby - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2019-8320", "CVE-2019-8325", "CVE-2019-8321", "CVE-2019-8323", "CVE-2019-16255", "CVE-2019-16254", "CVE-2019-16201", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2022-08-05T05:18:51", "id": "OSV:DLA-2330-1", "href": "https://osv.dev/vulnerability/DLA-2330-1", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2022-07-21T08:18:35", "description": "\nMultiple vulnerabilities have been discovered in jruby, Java\nimplementation of the Ruby programming language.\n\n\n* [CVE-2018-1000074](https://security-tracker.debian.org/tracker/CVE-2018-1000074)\nDeserialization of Untrusted Data vulnerability in owner command\n that can result in code execution. This attack appear to be\n exploitable via victim must run the `gem owner` command on a gem\n with a specially crafted YAML file\n* [CVE-2018-1000075](https://security-tracker.debian.org/tracker/CVE-2018-1000075)\nan infinite loop caused by negative size vulnerability in ruby gem\n package tar header that can result in a negative size could cause an\n infinite loop\n* [CVE-2018-1000076](https://security-tracker.debian.org/tracker/CVE-2018-1000076)\nImproper Verification of Cryptographic Signature vulnerability in\n package.rb that can result in a mis-signed gem could be installed,\n as the tarball would contain multiple gem signatures.\n* [CVE-2018-1000077](https://security-tracker.debian.org/tracker/CVE-2018-1000077)\nImproper Input Validation vulnerability in ruby gems specification\n homepage attribute that can result in a malicious gem could set an\n invalid homepage URL\n* [CVE-2018-1000078](https://security-tracker.debian.org/tracker/CVE-2018-1000078)\nCross Site Scripting (XSS) vulnerability in gem server display of\n homepage attribute that can result in XSS. This attack appear to be\n exploitable via the victim must browse to a malicious gem on a\n vulnerable gem server\n* [CVE-2019-8321](https://security-tracker.debian.org/tracker/CVE-2019-8321)\nGem::UserInteraction#verbose calls say without escaping, escape\n sequence injection is possible\n* [CVE-2019-8322](https://security-tracker.debian.org/tracker/CVE-2019-8322)\nThe gem owner command outputs the contents of the API response\n directly to stdout. Therefore, if the response is crafted, escape\n sequence injection may occur\n* [CVE-2019-8323](https://security-tracker.debian.org/tracker/CVE-2019-8323)\nGem::GemcutterUtilities#with\\_response may output the API response to\n stdout as it is. Therefore, if the API side modifies the response,\n escape sequence injection may occur.\n* [CVE-2019-8324](https://security-tracker.debian.org/tracker/CVE-2019-8324)\nA crafted gem with a multi-line name is not handled correctly.\n Therefore, an attacker could inject arbitrary code to the stub line\n of gemspec\n* [CVE-2019-8325](https://security-tracker.debian.org/tracker/CVE-2019-8325)\nGem::CommandManager#run calls alert\\_error without escaping, escape\n sequence injection is possible. (There are many ways to cause an\n error.)\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.5.6-9+deb8u1.\n\n\nWe recommend that you upgrade your jruby packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-21T00:00:00", "type": "osv", "title": "jruby - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000078", "CVE-2018-1000075", "CVE-2019-8325", "CVE-2018-1000076", "CVE-2018-1000074", "CVE-2019-8321", "CVE-2019-8323", "CVE-2018-1000077", "CVE-2019-8322", "CVE-2019-8324"], "modified": "2022-07-21T05:52:39", "id": "OSV:DLA-1796-1", "href": "https://osv.dev/vulnerability/DLA-1796-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-28T05:12:23", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:06:00", "type": "osv", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2023-03-28T05:12:18", "id": "OSV:GHSA-MH37-8C3G-3FGC", "href": "https://osv.dev/vulnerability/GHSA-mh37-8c3g-3fgc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-28T05:39:40", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:05:57", "type": "osv", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2023-03-28T05:39:36", "id": "OSV:GHSA-3H4R-PJV6-CPH9", "href": "https://osv.dev/vulnerability/GHSA-3h4r-pjv6-cph9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-28T05:22:37", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-20T16:06:11", "type": "osv", "title": "Code injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2023-03-28T05:22:34", "id": "OSV:GHSA-76WM-422Q-92MQ", "href": "https://osv.dev/vulnerability/GHSA-76wm-422q-92mq", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-28T05:44:13", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:08:21", "type": "osv", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2023-03-28T05:44:06", "id": "OSV:GHSA-4WM8-FJV7-J774", "href": "https://osv.dev/vulnerability/GHSA-4wm8-fjv7-j774", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2021-07-28T18:41:38", "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-03T03:43:05", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-03T03:43:05", "id": "FEDORA:63D6A607603A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/V3V4CAKK4UMS7K7U653RJ4XBOM4CFP7O/", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-10T01:35:27", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-05-10T01:35:27", "id": "FEDORA:1F47A611D253", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WUFHAULLX3OK2O3CMJLJL6KKISCNX3J5/", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T15:47:27", "description": "## Releases\n\n * Ubuntu 18.10 \n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * ruby1.9.1 \\- Object-oriented scripting language\n * ruby2.0 \\- Object-oriented scripting language\n * ruby2.3 \\- Object-oriented scripting language\n * ruby2.5 \\- Interpreter of object-oriented scripting language Ruby\n\nIt was discovered that Ruby incorrectly handled certain RubyGems. \nAn attacker could possibly use this issue to execute arbitrary commands. \n(CVE-2019-8320)\n\nIt was discovered that Ruby incorrectly handled certain inputs. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-04-11T00:00:00", "type": "ubuntu", "title": "Ruby vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-04-11T00:00:00", "id": "USN-3945-1", "href": "https://ubuntu.com/security/notices/USN-3945-1", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2021-08-11T17:43:08", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 18.04\n\n# Description\n\nIt was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2019-8320)\n\nIt was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)\n\nCVEs contained in this USN include: CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.80.0\n\n# Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.80.0 or later.\n\n# References\n\n * [USN-3945-1](<https://usn.ubuntu.com/3945-1>)\n * [CVE-2019-8320](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8320>)\n * [CVE-2019-8321](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8321>)\n * [CVE-2019-8322](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8322>)\n * [CVE-2019-8323](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8323>)\n * [CVE-2019-8324](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8324>)\n * [CVE-2019-8325](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-8325>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-04-12T00:00:00", "type": "cloudfoundry", "title": "USN-3945-1: Ruby vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-04-12T00:00:00", "id": "CFOUNDRY:1269D3F2131B2758F6111555E51EA48A", "href": "https://www.cloudfoundry.org/blog/usn-3945-1/", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nRubyGems Security Advisories:\n\nCVE-2019-8320: Delete directory using symlink when decompressing tar\nCVE-2019-8321: Escape sequence injection vulnerability in 'verbose'\nCVE-2019-8322: Escape sequence injection vulnerability in 'gem owner'\nCVE-2019-8323: Escape sequence injection vulnerability in API response handling\nCVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution\nCVE-2019-8325: Escape sequence injection vulnerability in errors\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-03-05T00:00:00", "type": "freebsd", "title": "RubyGems -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-03-05T00:00:00", "id": "27B12D04-4722-11E9-8B7C-B5E01141761F", "href": "https://vuxml.freebsd.org/freebsd/27b12d04-4722-11e9-8b7c-b5e01141761f.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "rocky": [{"lastseen": "2023-02-02T17:13:00", "description": "An update is available for rubygem-bson, rubygem-mysql2, rubygem-bundler, rubygem-mongo, rubygem-pg, rubygem-abrt.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nFor detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-05T17:38:32", "type": "rocky", "title": "2.5 bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8325"], "modified": "2019-11-05T17:38:32", "id": "RLBA-2019:3384", "href": "https://errata.rockylinux.org/RLBA-2019:3384", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2023-02-02T17:13:00", "description": "An update is available for rubygem-bson, rubygem-mysql2, rubygem-bundler, rubygem-mongo, rubygem-pg, rubygem-abrt.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-30T11:16:25", "type": "rocky", "title": "ruby:2.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-07-30T11:16:25", "id": "RLSA-2019:1972", "href": "https://errata.rockylinux.org/RLSA-2019:1972", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Response Splitting attack in the HTTP server of WEBrick (CVE-2017-17742). Delete directory using symlink when decompressing tar (CVE-2019-8320). Escape sequence injection vulnerability in verbose (CVE-2019-8321). Escape sequence injection vulnerability in gem owner (CVE-2019-8322). Escape sequence injection vulnerability in API response handling (CVE-2019-8323). Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324). Escape sequence injection vulnerability in errors (CVE-2019-8325). Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication (CVE-2019-16201). HTTP Response Splitting attack in the HTTP server of WEBrick (CVE-2019-16254). Code injection vulnerability (CVE-2019-16255). A potential HTTP request smuggling vulnerability in WEBrick was reported. WEBrick (bundled along with jruby) was too tolerant against an invalid Transfer-Encoding header. This may lead to inconsistent interpretation between WEBrick and some HTTP proxy servers, which may allow the attacker to \"smuggle\" a request (CVE-2020-25613). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-11-27T20:14:57", "type": "mageia", "title": "Updated jruby packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325", "CVE-2020-25613"], "modified": "2020-11-27T20:14:57", "id": "MGASA-2020-0440", "href": "https://advisories.mageia.org/MGASA-2020-0440.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated ruby-RubyGems package fixes security vulnerabilities The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution CVE-2019-8325: Escape sequence injection vulnerability in errors \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-10T21:39:20", "type": "mageia", "title": "Updated ruby-RubyGems packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2020-06-10T21:39:20", "id": "MGASA-2020-0243", "href": "https://advisories.mageia.org/MGASA-2020-0243.html", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2022-12-07T14:05:09", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem\nowner command outputs the contents of the API response directly to stdout.\nTherefore, if the response is crafted, escape sequence injection may occur.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | ruby{1.9.1,2.0,2.3} and jruby ship an embedded rubygems.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-27T00:00:00", "type": "ubuntucve", "title": "CVE-2019-8322", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2019-03-27T00:00:00", "id": "UB:CVE-2019-8322", "href": "https://ubuntu.com/security/CVE-2019-8322", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-12-07T14:05:09", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2.\nGem::GemcutterUtilities#with_response may output the API response to stdout\nas it is. Therefore, if the API side modifies the response, escape sequence\ninjection may occur.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | ruby{1.9.1,2.0,2.3} and jruby ship an embedded rubygems.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-27T00:00:00", "type": "ubuntucve", "title": "CVE-2019-8323", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2019-03-27T00:00:00", "id": "UB:CVE-2019-8323", "href": "https://ubuntu.com/security/CVE-2019-8323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-12-07T14:05:10", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted\ngem with a multi-line name is not handled correctly. Therefore, an attacker\ncould inject arbitrary code to the stub line of gemspec, which is eval-ed\nby code in ensure_loadable_spec during the preinstall check.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | ruby{1.9.1,2.0,2.3} and jruby ship an embedded rubygems.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-27T00:00:00", "type": "ubuntucve", "title": "CVE-2019-8324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-03-27T00:00:00", "id": "UB:CVE-2019-8324", "href": "https://ubuntu.com/security/CVE-2019-8324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-12-07T14:05:11", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since\nGem::CommandManager#run calls alert_error without escaping, escape sequence\ninjection is possible. (There are many ways to cause an error.)\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | ruby{1.9.1,2.0,2.3} and jruby ship an embedded rubygems.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-27T00:00:00", "type": "ubuntucve", "title": "CVE-2019-8325", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2019-03-27T00:00:00", "id": "UB:CVE-2019-8325", "href": "https://ubuntu.com/security/CVE-2019-8325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-02-09T14:56:34", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T20:15:00", "type": "cve", "title": "CVE-2019-8322", "cwe": ["CWE-74"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2020-08-19T19:00:00", "cpe": ["cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:rubygems:rubygems:3.0.2", "cpe:/o:opensuse:leap:15.0"], "id": "CVE-2019-8322", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8322", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:rubygems:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:56:33", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T20:15:00", "type": "cve", "title": "CVE-2019-8323", "cwe": ["CWE-74"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2020-08-19T19:00:00", "cpe": ["cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:rubygems:rubygems:3.0.2", "cpe:/o:opensuse:leap:15.0"], "id": "CVE-2019-8323", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:rubygems:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:56:33", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-17T19:15:00", "type": "cve", "title": "CVE-2019-8324", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:opensuse:leap:15.1", "cpe:/o:opensuse:leap:15.0", "cpe:/a:rubygems:rubygems:3.0.2", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "CVE-2019-8324", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:rubygems:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:56:33", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T19:15:00", "type": "cve", "title": "CVE-2019-8325", "cwe": ["CWE-74"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2020-08-19T19:01:00", "cpe": ["cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:rubygems:rubygems:3.0.2", "cpe:/o:opensuse:leap:15.0"], "id": "CVE-2019-8325", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:rubygems:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2023-03-08T20:24:08", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-02T08:32:54", "type": "redhatcve", "title": "CVE-2019-8322", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2023-03-08T18:19:33", "id": "RH:CVE-2019-8322", "href": "https://access.redhat.com/security/cve/cve-2019-8322", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-08T20:24:10", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-02T08:32:55", "type": "redhatcve", "title": "CVE-2019-8323", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2023-03-08T18:19:53", "id": "RH:CVE-2019-8323", "href": "https://access.redhat.com/security/cve/cve-2019-8323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-08T20:24:09", "description": "A flaw was found in RubyGems. A crafted gem with a multi-line name is not handled correctly allowing an attacker to inject arbitrary code to the stub line of gemspec. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-10-16T00:15:52", "type": "redhatcve", "title": "CVE-2019-8324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2023-03-08T18:19:46", "id": "RH:CVE-2019-8324", "href": "https://access.redhat.com/security/cve/cve-2019-8324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-08T20:24:08", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-09T03:16:04", "type": "redhatcve", "title": "CVE-2019-8325", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2023-03-08T18:20:03", "id": "RH:CVE-2019-8325", "href": "https://access.redhat.com/security/cve/cve-2019-8325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "github": [{"lastseen": "2023-03-13T23:10:31", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:06:00", "type": "github", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2023-01-09T05:01:44", "id": "GHSA-MH37-8C3G-3FGC", "href": "https://github.com/advisories/GHSA-mh37-8c3g-3fgc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-13T23:10:31", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:05:57", "type": "github", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2023-01-09T05:01:44", "id": "GHSA-3H4R-PJV6-CPH9", "href": "https://github.com/advisories/GHSA-3h4r-pjv6-cph9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-13T23:10:31", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-20T16:06:11", "type": "github", "title": "Code injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2023-01-09T05:01:40", "id": "GHSA-76WM-422Q-92MQ", "href": "https://github.com/advisories/GHSA-76wm-422q-92mq", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-13T23:10:31", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-20T16:08:21", "type": "github", "title": "Escape sequence injection in RubyGems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2023-01-09T05:01:37", "id": "GHSA-4WM8-FJV7-J774", "href": "https://github.com/advisories/GHSA-4wm8-fjv7-j774", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2023-01-19T18:06:01", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T20:15:00", "type": "debiancve", "title": "CVE-2019-8322", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8322"], "modified": "2019-06-17T20:15:00", "id": "DEBIANCVE:CVE-2019-8322", "href": "https://security-tracker.debian.org/tracker/CVE-2019-8322", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-19T18:06:01", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T20:15:00", "type": "debiancve", "title": "CVE-2019-8323", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8323"], "modified": "2019-06-17T20:15:00", "id": "DEBIANCVE:CVE-2019-8323", "href": "https://security-tracker.debian.org/tracker/CVE-2019-8323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-19T18:06:01", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-17T19:15:00", "type": "debiancve", "title": "CVE-2019-8324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-06-17T19:15:00", "id": "DEBIANCVE:CVE-2019-8324", "href": "https://security-tracker.debian.org/tracker/CVE-2019-8324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-19T18:06:01", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-17T19:15:00", "type": "debiancve", "title": "CVE-2019-8325", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8325"], "modified": "2019-06-17T19:15:00", "id": "DEBIANCVE:CVE-2019-8325", "href": "https://security-tracker.debian.org/tracker/CVE-2019-8325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "attackerkb": [{"lastseen": "2021-07-20T20:17:42", "description": "An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.\n\n \n**Recent assessments:** \n \n**busterb** at May 09, 2019 5:57pm UTC reported:\n\nRubygems has a vulnerability that allows for arbitrary code execution while a gem is being installed. However, it\u2019s unclear how this is any worse than either using the malicious gem itself, or using the ability of gems to compile and execute arbitrary build instructions in the first place. It is interesting to be able to name a gem a particular way to create code execution. But you have to convince someone to install your gem in the first place. I presume that rubygems.org now prevents malicious gems from being published, but it would be interesting to see.\n\n**0xEmma** at March 15, 2020 7:14pm UTC reported:\n\nRubygems has a vulnerability that allows for arbitrary code execution while a gem is being installed. However, it\u2019s unclear how this is any worse than either using the malicious gem itself, or using the ability of gems to compile and execute arbitrary build instructions in the first place. It is interesting to be able to name a gem a particular way to create code execution. But you have to convince someone to install your gem in the first place. I presume that rubygems.org now prevents malicious gems from being published, but it would be interesting to see.\n\n**avishwakarma-r7** at March 17, 2020 5:28am UTC reported:\n\nRubygems has a vulnerability that allows for arbitrary code execution while a gem is being installed. However, it\u2019s unclear how this is any worse than either using the malicious gem itself, or using the ability of gems to compile and execute arbitrary build instructions in the first place. It is interesting to be able to name a gem a particular way to create code execution. But you have to convince someone to install your gem in the first place. I presume that rubygems.org now prevents malicious gems from being published, but it would be interesting to see.\n\nAssessed Attacker Value: 1 \nAssessed Attacker Value: 1Assessed Attacker Value: 3\n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-17T00:00:00", "type": "attackerkb", "title": "Installing a malicious gem may lead to arbitrary code execution", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2020-03-17T00:00:00", "id": "AKB:B2EBBF0E-24E2-4432-8E53-7E8A540D8917", "href": "https://attackerkb.com/topics/7lNzC8sTL1/installing-a-malicious-gem-may-lead-to-arbitrary-code-execution", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "almalinux": [{"lastseen": "2022-09-14T18:10:22", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-30T11:16:25", "type": "almalinux", "title": "Important: ruby:2.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8324"], "modified": "2019-07-30T15:56:05", "id": "ALSA-2019:1972", "href": "https://errata.almalinux.org/8/ALSA-2019-1972.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-02-23T21:45:21", "description": "## Summary\n\nAT&T has released versions 1801-z for the Vyatta 5600. \n \nDetails of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patches#at-t-vyatta-5600-vrouter-software-patches\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-3863](<https://vulners.com/cve/CVE-2019-3863>) \n**DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in user authenticate keyboard interactive. By sending a specially crafted message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158347> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-3862](<https://vulners.com/cve/CVE-2019-3862>) \n**DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with an exit status message and no payload. By sending specially crafted SSH_MSG_CHANNEL_REQUEST packets, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158346> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3861](<https://vulners.com/cve/CVE-2019-3861>) \n**DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with a padding length value greater than the packet length. By sending a specially crafted SSH packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158345> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3860](<https://vulners.com/cve/CVE-2019-3860>) \n**DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with empty payloads. By sending a specially crafted SFTP packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3859](<https://vulners.com/cve/CVE-2019-3859>) \n**DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read in the _libssh2_packet_require and _libssh2_packet_requirev functions. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3858](<https://vulners.com/cve/CVE-2019-3858>) \n**DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read. By sending a specially crafted SFTP packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3857](<https://vulners.com/cve/CVE-2019-3857>) \n**DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted SSH_MSG_CHANNEL_REQUEST packet with an exit signal message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158341> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-3856](<https://vulners.com/cve/CVE-2019-3856>) \n**DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in keyboard interactive handling. By sending a specially crafted request, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158340> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-3855](<https://vulners.com/cve/CVE-2019-3855>) \n**DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in transport read. By sending specially crafted packets, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158339> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-6465](<https://vulners.com/cve/CVE-2019-6465>) \n**DESCRIPTION: **ISC BIND could allow a remote attacker to obtain sensitive information, caused by the failure to properly apply controls for zone transfers to Dynamically Loadable Zones (DLZs) if the zones are writable. An attacker could exploit this vulnerability to request and receive a zone transfer of a DLZ even when not permitted to do so by the allow-transfer ACL. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157377> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2018-5745](<https://vulners.com/cve/CVE-2018-5745>) \n**DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by an error in the managed-keys feature. By replacing a trust anchor's keys with keys which use an unsupported algorithm, a remote authenticated attacker could exploit this vulnerability to cause an assertion failure. \nCVSS Base Score: 4.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157386> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-5743](<https://vulners.com/cve/CVE-2018-5743>) \n**DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a flaw when setting the TCP client quota using the tcp-clients option. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the exhaustion of file descriptors. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160127> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-8325](<https://vulners.com/cve/CVE-2019-8325>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to bypass security restrictions, caused by a flaw in the Gem::CommandManager#run function. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform escape sequence injection. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159624> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-8324](<https://vulners.com/cve/CVE-2019-8324>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of multi-line name. By persuading a victim to install a specially-crafted gem, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159623> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-8323](<https://vulners.com/cve/CVE-2019-8323>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to bypass security restrictions, caused by a flaw in the Gem::UserInteraction#verbose function. By sending a specially-crafted API response, an attacker could exploit this vulnerability to perform escape sequence injection. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159622> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-8322](<https://vulners.com/cve/CVE-2019-8322>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to bypass security restrictions, caused by a flaw in the gem owner command. By sending a specially-crafted API response, an attacker could exploit this vulnerability to perform escape sequence injection. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159621> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-8321](<https://vulners.com/cve/CVE-2019-8321>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to bypass security restrictions, caused by a flaw in the Gem::UserInteraction#verbose function. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform escape sequence injection. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159619> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-8320](<https://vulners.com/cve/CVE-2019-8320>) \n**DESCRIPTION: **RubyGems could allow a remote attacker to traverse directories on the system, caused by improper validation of user-supplied input. An attacker could send a specially-crafted symlink request containing \"dot dot\" sequences (/../) to delete arbitrary directory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-7317](<https://vulners.com/cve/CVE-2019-7317>) \n**DESCRIPTION: **Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free in the png_image_free function in the libpng library. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/161346> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nVRA - Vyatta 5600\n\n## Remediation/Fixes\n\nPlease contact IBM Cloud Support to request that the ISO for the 1801-z be pushed to your Vyatta system. Users will need to apply the upgraded code according to their defined processes (for example during a defined maintenance window).\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSH5QD\",\"label\":\"Vyatta 5600\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-15T22:35:01", "type": "ibm", "title": "Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5743", "CVE-2018-5745", "CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3858", "CVE-2019-3859", "CVE-2019-3860", "CVE-2019-3861", "CVE-2019-3862", "CVE-2019-3863", "CVE-2019-6465", "CVE-2019-7317", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-07-15T22:35:01", "id": "E817E7CC83FE8715306D28C653DB646FDADE31AB5B2E6D0633EF4C1838CEC408", "href": "https://www.ibm.com/support/pages/node/887793", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2022-04-18T12:41:53", "description": "An update that solves 21 vulnerabilities and has two fixes\n is now available.\n\nDescription:\n\n This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the\n following issues:\n\n Changes in ruby2.5:\n\n Update to 2.5.5 and 2.5.4:\n\n https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/\nhttps://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/\n\n Security issues fixed:\n\n - CVE-2019-8320: Delete directory using symlink when decompressing tar\n (bsc#1130627)\n - CVE-2019-8321: Escape sequence injection vulnerability in verbose\n (bsc#1130623)\n - CVE-2019-8322: Escape sequence injection vulnerability in gem\n owner (bsc#1130622)\n - CVE-2019-8323: Escape sequence injection vulnerability in API response\n handling (bsc#1130620)\n - CVE-2019-8324: Installing a malicious gem may lead to arbitrary code\n execution (bsc#1130617)\n - CVE-2019-8325: Escape sequence injection vulnerability in errors\n (bsc#1130611)\n\n\n Ruby 2.5 was updated to 2.5.3:\n\n This release includes some bug fixes and some security fixes.\n\n Security issues fixed:\n\n - CVE-2018-16396: Tainted flags are not propagated in Array#pack and\n String#unpack with some directives (bsc#1112532)\n - CVE-2018-16395: OpenSSL::X509::Name equality check does not work\n correctly (bsc#1112530)\n\n Ruby 2.5 was updated to 2.5.1:\n\n This release includes some bug fixes and some security fixes.\n\n Security issues fixed:\n\n - CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)\n - CVE-2018-6914: Unintentional file and directory creation with directory\n traversal in tempfile and tmpdir (bsc#1087441)\n - CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)\n - CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)\n - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in\n UNIXServer and UNIXSocket (bsc#1087440)\n - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in\n Dir (bsc#1087437)\n\n - Multiple vulnerabilities in RubyGems were fixed:\n\n - CVE-2018-1000079: Fixed path traversal issue during gem installation\n allows to write to arbitrary filesystem locations (bsc#1082058)\n - CVE-2018-1000075: Fixed infinite loop vulnerability due to negative\n size in tar header causes Denial of Service (bsc#1082014)\n - CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when\n displayed via gem server (bsc#1082011)\n - CVE-2018-1000077: Fixed that missing URL validation on spec home\n attribute allows malicious gem to set an invalid homepage URL\n (bsc#1082010)\n - CVE-2018-1000076: Fixed improper verification of signatures in tarball\n allows to install mis-signed gem (bsc#1082009)\n - CVE-2018-1000074: Fixed unsafe Object Deserialization Vulnerability in\n gem owner allowing arbitrary code execution on specially crafted YAML\n (bsc#1082008)\n - CVE-2018-1000073: Fixed path traversal when writing to a symlinked\n basedir outside of the root (bsc#1082007)\n\n Other changes:\n\n - Fixed Net::POPMail methods modify frozen literal when using default arg\n - ruby: change over of the Japanese Era to the new emperor May 1st 2019\n (bsc#1133790)\n - build with PIE support (bsc#1130028)\n\n\n Changes in ruby-bundled-gems-rpmhelper:\n\n - Add a new helper for bundled ruby gems.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1771=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1771=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-21T00:00:00", "type": "suse", "title": "Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17742", "CVE-2018-1000073", "CVE-2018-1000074", "CVE-2018-1000075", "CVE-2018-1000076", "CVE-2018-1000077", "CVE-2018-1000078", "CVE-2018-1000079", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2019-8320", "CVE-2019-8321", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325"], "modified": "2019-07-21T00:00:00", "id": "OPENSUSE-SU-2019:1771-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DDFTKHWDUNIX327O4WIHXU2TIVV47W3Z/", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}]}