10 matches found
EUVD-2018-18658
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-6914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before...
SUSE CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. dot dot in the prefix argument...
PT-2021-18004 · Ruby · Ruby
Name of the Vulnerable Software and Affected Versions: Ruby versions prior to 3.0 on Windows Description: A remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir, potentially allowing them to exit the directory and impact the system. There is an...
Ruby Directory Traversal Vulnerability (CNVD-2018-07639)
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. tmpdir library is one of the libraries used to create files and directories. A directory traversal vulnerability exists in the Dir.mktmpdir method of the...
ALPINE-CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. dot dot in the prefix argument...
CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. dot dot in the prefix argument...
CVE-2018-6914
CVE-2018-6914 is a directory traversal vulnerability in Ruby’s tmpdir library (Dir.mktmpdir). The flaw allows an attacker to create arbitrary directories or files via a “..” in the prefix argument. Affected Ruby versions: before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, ...
CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. dot dot in the prefix argument...
UBUNTU-CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. dot dot in the prefix argument...