Updated ruby-RubyGems package fixes security vulnerabilities The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution CVE-2019-8325: Escape sequence injection vulnerability in errors

OSVersionArchitecturePackageVersionFilename
Mageia7noarchruby-rubygems< 2.6.14-3.1ruby-RubyGems-2.6.14-3.1.mga7

OS	Version	Architecture	Package	Version	Filename
Mageia	7	noarch	ruby-rubygems	< 2.6.14-3.1	ruby-RubyGems-2.6.14-3.1.mga7

References

bugs.mageia.org/show_bug.cgi?id=22696

www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/

openvas 36

osv 19

nessus 58

debian 11

ubuntu 3

mageia 2

amazon 5

freebsd 1

fedora 4

redhat 12

cloudfoundry 1

f5 3

centos 2

rocky 1

oraclelinux 2

suse 1

ibm 1

alpinelinux 2

redhatcve 5

cvelist 6

ubuntucve 5

cve 3

prion 6

github 4

veracode 3

debiancve 3

openvas

Mageia: Security Advisory (MGASA-2020-0243)

2022-01-28 00:00:00

Debian: Security Advisory (DLA-1796-1)

2019-05-21 00:00:00

Ubuntu: Security Advisory (USN-3621-1)

2018-10-26 00:00:00

osv

jruby - security update

2019-05-20 00:00:00

jruby - security update

2018-06-08 00:00:00

ruby2.3 - security update

2019-04-16 00:00:00

nessus

Debian DLA-1796-1 : jruby security update

2019-05-21 00:00:00

Ubuntu 14.04 LTS / 16.04 LTS : Ruby vulnerabilities (USN-3621-1)

2018-04-06 00:00:00

Ubuntu 14.04 LTS : Ruby regression (USN-3621-2)

2018-04-16 00:00:00

debian

[SECURITY] [DLA 1796-1] jruby security update

2019-05-20 11:07:17

[SECURITY] [DSA 4219-1] jruby security update

2018-06-08 09:31:46

[SECURITY] [DSA 4219-1] jruby security update

2018-06-08 09:32:09

ubuntu

Ruby regression

2018-04-13 00:00:00

Ruby vulnerabilities

2018-04-05 00:00:00

Ruby vulnerabilities

2019-04-11 00:00:00

mageia

Updated jruby packages fix security vulnerability

2019-02-13 14:08:25

Updated jruby packages fix security vulnerabilities

2020-11-27 23:14:57

amazon

Important: ruby20, ruby21, ruby24

2019-08-07 22:58:00

Medium: ruby

2018-04-05 16:06:00

Important: ruby

2019-07-18 18:14:00

freebsd

RubyGems -- multiple vulnerabilities

2019-03-05 00:00:00

fedora

[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28

2019-05-10 01:35:27

[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29

2019-05-03 03:43:05

[SECURITY] Fedora 26 Update: ruby-2.4.3-87.fc26

2018-03-11 20:00:06

redhat

(RHSA-2019:1150) Important: rh-ruby24-ruby security, bug fix, and enhancement update

2019-05-13 09:00:24

(RHSA-2019:1429) Important: CloudForms 4.7.5 security, bug fix and enhancement update

2019-06-11 05:28:05

(RHSA-2019:1148) Important: rh-ruby25-ruby security, bug fix, and enhancement update

2019-05-13 08:37:41

cloudfoundry

USN-3945-1: Ruby vulnerabilities | Cloud Foundry

2019-04-12 00:00:00

K52952871 : Multiple RubyGems vulnerabilities

2022-02-16 00:00:00

K84262603 : Multiple Ruby vulnerabilities

2022-04-22 00:00:00

K81674333 : Ruby vulnerabilities CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325

2022-10-20 00:00:00

centos

ruby, rubygem, rubygems security update

2019-05-21 21:25:00

ruby, rubygem, rubygems security update

2019-08-30 04:17:17

rocky

2.5 bug fix and enhancement update

2019-11-05 17:38:32

oraclelinux

ruby security update

2019-05-16 00:00:00

ruby security update

2019-08-13 00:00:00

suse

Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)

2019-07-21 00:00:00

ibm

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z

2019-07-15 22:35:01

alpinelinux

CVE-2019-8321

2019-06-17 20:15:00

CVE-2019-8322

2019-06-17 20:15:00

redhatcve

CVE-2018-1000073

2018-02-21 11:16:12

CVE-2018-1000076

2020-02-25 13:31:46

CVE-2019-8320

2020-04-04 11:14:27

cvelist

CVE-2018-1000073

2018-03-13 15:00:00

CVE-2018-1000074

2018-03-13 15:00:00

CVE-2019-8320

2019-06-06 14:50:02

ubuntucve

CVE-2018-1000079

2018-03-13 00:00:00

CVE-2018-1000078

2018-03-13 00:00:00

CVE-2018-1000074

2018-03-13 00:00:00

cve

CVE-2019-8321

2019-06-17 20:15:00

CVE-2018-1000078

2018-03-13 15:29:00

CVE-2019-8323

2019-06-17 20:15:00

prion

Design/Logic Flaw

2019-06-17 20:15:00

Input validation

2018-03-13 15:29:00

Directory traversal

2018-03-13 15:29:00

github

RubyGems Improper Input Validation vulnerability

2022-05-14 01:01:09

RubyGems Delete directory using symlink when decompressing tar

2019-06-20 16:06:15

RubyGems Escape sequence injection vulnerability in api response handling

2019-06-20 16:05:57

veracode

Deserialization Of Untrusted Data

2019-05-16 03:22:56

Escape Sequence Injection

2019-05-16 04:01:21

Escape Sequence Injection

2019-05-16 03:48:47

debiancve

CVE-2019-8322

2019-06-17 20:15:00

CVE-2018-1000078

2018-03-13 15:29:00

CVE-2018-1000073

2018-03-13 15:29:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for MGASA-2020-0243