CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2018-1000075 – rubygems: Infinite loop vulnerability due to negative size in tar header causes Denial of Service
https://notcve.org/view.php?id=CVE-2018-1000075
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6. Las versiones de RubyGems de la serie Ruby 2.2: 2.2.9 y anteriores, de la serie Ruby 2.3: 2.3.6 y anteriores, de la serie Ruby 2.4: 2.4.3 y anteriores, y de la serie Ruby 2.5: versiones 2.5.0 y anteriores, anteriores a la revisión del trunk 62422 contiene un bucle infinito provocado por una vulnerabilidad de tamaño negativo en la cabecera tar del paquete de ruby gem que puede resultar en un tamaño negativo que desemboque en un bucle infinito. La vulnerabilidad parece haber sido solucionada en la versión 2.7.6. • http://blog.rubygems.org/2018/02/15/2.7.6-released.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0663 https& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-1000078 – rubygems: XSS vulnerability in homepage attribute when displayed via gem server
https://notcve.org/view.php?id=CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6. Las versiones de RubyGems de la serie Ruby 2.2: 2.2.9 y anteriores, de la serie Ruby 2.3: 2.3.6 y anteriores, de la serie Ruby 2.4: 2.4.3 y anteriores, y de la serie Ruby 2.5: versiones 2.5.0 y anteriores, anteriores a la revisión del trunk 62422 contiene una vulnerabilidad de Cross-Site Scripting (XSS) en la visualización del servidor gem del atributo homepage que podría resultar en XSS. El ataque parece ser explotable mediante una víctima que navegue hasta una gema maliciosa en un servidor gem vulnerable. • http://blog.rubygems.org/2018/02/15/2.7.6-released.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0663 https& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1000073 – rubygems: Path traversal when writing to a symlinked basedir outside of the root
https://notcve.org/view.php?id=CVE-2018-1000073
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the root. This vulnerability appears to have been fixed in 2.7.6. Las versiones de RubyGems de la serie Ruby 2.2: 2.2.9 y anteriores, de la serie Ruby 2.3: 2.3.6 y anteriores, de la serie Ruby 2.4: 2.4.3 y anteriores, y de la serie Ruby 2.5: 2.5.0 y anteriores, anteriores a la revisión del trunk 62422 contiene una vulnerabilidad de salto de directorio en la función install_location de package.rb que puede resultar en un salto de directorio al escribir en un basedir vinculado simbólicamente fuera del root. La vulnerabilidad parece haber sido solucionada en la versión 2.7.6. • http://blog.rubygems.org/2018/02/15/2.7.6-released.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0663 https& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 1CVE-2017-0899 – rubygems: Escape sequence in the "summary" field of gemspec
https://notcve.org/view.php?id=CVE-2017-0899
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. RubyGems 2.6.12 y anteriores es vulnerable a especificaciones de gemas manipuladas maliciosamente que incluyen caracteres de escapada de terminal. Imprimir la especificación de las gemas ejecutaría secuencias de escapada de terminal. A vulnerability was found where rubygems did not properly sanitize gems' specification text. • http://blog.rubygems.org/2017/08/27/2.6.13-released.html http://www.securityfocus.com/bid/100576 http://www.securitytracker.com/id/1039249 https://access.redhat.com/errata/RHSA-2017:3485 https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0585 https://github.com/rubygems/rubygems/commit/1bcbc7fe637b03145401ec9c094066285934a7f1 https://github.com/rubygems/rubygems/commit/ef0aa611effb5f54d40c7fba6e8235eb43c5a491 https • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-138: Improper Neutralization of Special Elements CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 8.1EPSS: 0%CPEs: 16EXPL: 2CVE-2017-0902 – rubygems: DNS hijacking vulnerability
https://notcve.org/view.php?id=CVE-2017-0902
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls. RubyGems 2.6.12 y anteriores es vulnerable a secuestro de DNS, lo que permite a un atacante Man-in-the-Middle (MitM) forzar el cliente RubyGems a que descargue e instale gemas desde un servidor que está bajo el control del atacante. A vulnerability was found where rubygems did not sanitize DNS responses when requesting the hostname of the rubygems server for a domain, via a _rubygems._tcp DNS SRV query. An attacker with the ability to manipulate DNS responses could direct the gem command towards a different domain. • http://blog.rubygems.org/2017/08/27/2.6.13-released.html http://www.securityfocus.com/bid/100586 http://www.securitytracker.com/id/1039249 https://access.redhat.com/errata/RHSA-2017:3485 https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0585 https://github.com/rubygems/rubygems/commit/8d91516fb7037ecfb27622f605dc40245e0f8d32 https://hackerone.com/reports/218088 https://lists.debian.org/debian- • CWE-138: Improper Neutralization of Special Elements CWE-346: Origin Validation Error CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action •