Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2019/11/05 9:13 p.m.5 views

rubygems: Escape sequence injection vulnerability in verbose

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

7.5CVSS6.7AI score0.03372EPSS
Exploits0References4
Snyk
Snyk
added 2019/06/20 4:6 p.m.4 views

Arbitrary Code Injection

Overview rubygems-update is an inbuilt rubygem for updating rubygems. Affected versions of this package are vulnerable to Arbitrary Code Injection due to the Gem::UserInteractionverbose function which calls say without escaping. Remediation Upgrade rubygems-update to version 2.7.9, 3.0.3 or highe...

7.5CVSS7.3AI score0.03372EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/06/11 5:33 a.m.4 views

rubygems: Escape sequence injection vulnerability in verbose

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

7.5CVSS6.7AI score0.03372EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/05/13 9:20 a.m.5 views

rubygems: Escape sequence injection vulnerability in verbose

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

7.5CVSS6.7AI score0.03372EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/05/13 9:4 a.m.6 views

rubygems: Escape sequence injection vulnerability in verbose

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

7.5CVSS6.7AI score0.03372EPSS
Exploits0References4
Rows per page
Query Builder