4 matches found
CVE-2009-5147
CVE-2009-5147 affects Ruby’s DL::dlopen by allowing libraries with tainted names to be opened on several Ruby releases (1.8, 1.9.x, 2.0.0 pre-patch 648, and 2.1 pre-2.1.8). Connected materials document a regression in later Ruby/fiddle handling (CVE-2015-7551) that ties back to this regression an...
UBUNTU-CVE-2009-5147
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...
Low: ruby19, ruby20, ruby21, ruby22
Issue Overview: DL::dlopen could open a library with tainted library name even if $SAFE 0. Affected Packages: ruby19, ruby20, ruby21, ruby22 Issue Correction: Run yum update ruby19 or yum update --advisory ALAS-2016-632 to update your system. Run yum update ruby20 or yum update --advisory...
Ruby DL::dlopen could open a library with tainted library name even if $SAFE > 0
DL::dlopen could open a library with tainted library name even if $SAFE 0...