RDoc: Remote Code Execution

Background RDoc produces HTML and command-line documentation for Ruby projects. Description A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Impact When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection...

RDoc: Command Injection

Background RDoc produces HTML and command-line documentation for Ruby projects. Description A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Impact RDoc used to call Kernelopen to open a local file. If a Ruby project has a file whose name...

The vulnerability of the Bundler’s package manager in Ruby projects allows attackers to execute arbitrary code by exploiting the use of files and directories accessible from external sources.

The vulnerability of the Bundler’s package manager in Ruby projects relates to the use of files and directories accessible from external sources. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

[SECURITY] Fedora 17 Update: rubygem-rdoc-3.12-5.fc17

RDoc produces HTML and command-line documentation for Ruby projects. RDoc includes the +rdoc+ and +ri+ tools for generating and displaying online documentation. See RDoc for a description of RDoc's markup and basic use...