CVE-2019-18409
The CVE-2019-18409 entry concerns the ruby_parser-legacy gem (version 1.0.0) for Ruby, where local privilege escalation is possible due to world-writable files. The Red Hat and other sources reiterate that, for example, if the brakeman gem (with legacy dependency) versions 4.5.0–4.7.0 are used, a...