Lucene search
Ooooooo_qH1:2438265HistoryMar 27, 2024 - 11:54 p.m.
Internet Bug Bounty: CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
2024-03-2723:54:54
ooooooo_q
hackerone.com
$4860
59
internet bug bounty
cve-2024-27281
rce vulnerability
rdoc
ruby 3.x
object injection
remote code execution
yaml
documentation cache
hackerone report
I made a report at https://hackerone.com/reports/1187477
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
> An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0.
> When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored.
> When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.
Impact
RCE is possible when the rdoc command is executed for a repository received from the external.
Related
debiancve
debiancve
CVE-2024-27281
2024-05-14 15:11:57
github
github
RDoc RCE vulnerability with .rdoc_options
2024-03-25 19:36:59
redhatcve
redhatcve
CVE-2024-27281
2024-03-21 18:29:23
veracode
veracode
Remote Code Execution
2024-03-28 10:48:53
nvd
nvd
CVE-2024-27281
2024-05-14 15:11:57
cve
cve
CVE-2024-27281
2024-05-14 15:11:57
nessus
nessus
Ruby < 3.0.7 / 3.1.x < 3.1.5 / 3.2.x < 3.2.4 / 3.3.x < 3.3.1 RCE
2024-06-06 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Ruby vulnerabilities (USN-6838-1)
2024-06-17 00:00:00
Rocky Linux 9 : ruby:3.3 (RLSA-2024:3671)
2024-06-14 00:00:00
osv
osv
CGA-hr6r-398j-373c
2024-06-12 20:04:07
CVE-2024-27281
2024-05-14 15:11:57
RDoc RCE vulnerability with .rdoc_options
2024-03-25 19:36:59
ubuntucve
ubuntucve
CVE-2024-27281
2024-05-14 00:00:00
alpinelinux
alpinelinux
CVE-2024-27281
2024-05-14 15:11:57
cvelist
cvelist
CVE-2024-27281
1976-01-01 00:00:00
wolfi
wolfi
CVE-2024-27281 vulnerabilities
2024-06-18 21:08:20
cbl_mariner
cbl_mariner
CVE-2024-27281 affecting package ruby for versions less than 3.1.4-4
2024-04-17 01:35:34
cgr
cgr
CVE-2024-27281 vulnerabilities
2024-05-19 03:07:16
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0236
2024-04-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6838-1)
2024-06-18 00:00:00
Slackware: Security Advisory (SSA:2024-114-01)
2024-04-24 00:00:00
Fedora: Security Advisory for ruby (FEDORA-2024-14db7b21a2)
2024-05-27 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
almalinux
almalinux
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
rocky
rocky
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 14:00:40
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
ruby:3.3 security, bug fix, and enhancement update
2024-06-14 14:00:40
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
oraclelinux
oraclelinux
ruby:3.3 security, bug fix, and enhancement update
2024-06-07 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-06 00:00:00
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23