Ruby is vulnerable to improper signature validation vulnerability. This occurs in the tarball in package.rb which allows to install mis-signed gem.

References

access.redhat.com/errata/RHSA-2018:3729

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1650591

prion 1

redhatcve 1

debiancve 1

cvelist 1

osv 9

nvd 1

github 1

ubuntucve 1

rubygems 1

cve 1

openvas 19

nessus 32

debian 8

f5 2

ubuntu 2

mageia 2

amazon 3

redhat 7

centos 1

oraclelinux 1

suse 1

prion

Input validation

2018-03-13 15:29:00

redhatcve

CVE-2018-1000076

2020-02-25 13:31:46

debiancve

CVE-2018-1000076

2018-03-13 15:29:00

cvelist

CVE-2018-1000076

2018-03-13 15:00:00

osv

CVE-2018-1000076

2018-03-13 15:29:00

RubyGems Improper Verification of Cryptographic Signature vulnerability

2022-05-14 01:01:12

jruby - security update

2018-03-31 00:00:00

nvd

CVE-2018-1000076

2018-03-13 15:29:00

github

RubyGems Improper Verification of Cryptographic Signature vulnerability

2022-05-14 01:01:12

ubuntucve

CVE-2018-1000076

2018-03-13 00:00:00

rubygems

RubyGems Improper Verification of Cryptographic Signature vulnerability

2022-05-13 21:00:00

cve

CVE-2018-1000076

2018-03-13 15:29:00

openvas

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1108)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1143)

2020-01-23 00:00:00

Debian: Security Advisory (DLA-1337-1)

2018-04-02 00:00:00

nessus

EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1143)

2018-05-29 00:00:00

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1108)

2018-05-02 00:00:00

Debian DLA-1337-1 : jruby security update

2018-04-03 00:00:00

debian

[SECURITY] [DLA 1336-1] rubygems security update

2018-04-01 17:18:32

[SECURITY] [DLA 1337-1] jruby security update

2018-04-02 21:10:51

[SECURITY] [DSA 4219-1] jruby security update

2018-06-08 09:31:46

K52952871 : Multiple RubyGems vulnerabilities

2022-02-16 00:00:00

K84262603 : Multiple Ruby vulnerabilities

2022-04-22 00:00:00

ubuntu

Ruby vulnerabilities

2018-04-05 00:00:00

Ruby regression

2018-04-13 00:00:00

mageia

Updated jruby packages fix security vulnerability

2019-02-13 14:08:25

Updated ruby-RubyGems packages fix security vulnerability

2020-06-11 00:39:20

amazon

Medium: ruby

2018-04-05 16:06:00

Medium: ruby

2019-08-23 03:41:00

Medium: ruby20, ruby22, ruby23, ruby24

2018-04-04 23:18:00

redhat

(RHSA-2020:0591) Moderate: ruby security update

2020-02-25 11:32:20

(RHSA-2020:0542) Moderate: ruby security update

2020-02-18 13:56:05

(RHSA-2020:0663) Moderate: ruby security update

2020-03-03 13:41:04

centos

ruby, rubygem, rubygems security update

2019-08-30 04:17:17

oraclelinux

ruby security update

2019-08-13 00:00:00

suse

Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)

2019-07-21 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.014

Percentile

86.6%

JSON

Related for VERACODE:19709