CVE-2017-0900 – rubygems: No size limit in summary length of gem spec
https://notcve.org/view.php?id=CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command. RubyGems 2.6.12 y anteriores es vulnerable a especificaciones de gemas manipuladas maliciosamente para provocar ataques de denegación de servicio contra clientes RubyGems que hayan enviado un comando query. It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary. • http://blog.rubygems.org/2017/08/27/2.6.13-released.html http://www.securityfocus.com/bid/100579 http://www.securitytracker.com/id/1039249 https://access.redhat.com/errata/RHSA-2017:3485 https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0585 https://github.com/rubygems/rubygems/commit/8a38a4fc24c6591e6c8f43d1fadab6efeb4d6251 https://hackerone.com/reports/243003 https://lists.debian.org/debian- • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •
CVE-2017-0901 – RubyGems < 2.6.13 - Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2017-0901
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem. RubyGems 2.6.12 y anteriores no valida con éxito los nombres de las especificaciones, permitiendo que una gema manipulada maliciosamente sobrescriba cualquier archivo en el sistema de archivos. It was found that rubygems did not sanitize gem names during installation of a given gem. A specially crafted gem could use this flaw to install files outside of the regular directory. RubyGems versions prior to 2.6.13 suffer from an arbitrary file overwrite vulnerability. • https://www.exploit-db.com/exploits/42611 http://blog.rubygems.org/2017/08/27/2.6.13-released.html http://www.securityfocus.com/bid/100580 http://www.securitytracker.com/id/1039249 https://access.redhat.com/errata/RHSA-2017:3485 https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0585 https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2 https://hackerone.com/repor • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-138: Improper Neutralization of Special Elements •
CVE-2013-4363
https://notcve.org/view.php?id=CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. Vulnerabilidad en la complejidad algorítmica en Gem :: Versión :: ANCHORED_VERSION_PATTERN en lib / rubygems / version.rb en RubyGems anterior a 1.8.23.2, 1.8.24 hasta 1.8.26, 2.0.x anterior a 2.0.10, 2.1.5 y 2.1.x anterior a , como se usa en Ruby 1.9.0 hasta 2.0.0p247, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de una versión gem manipulada que provoca una gran cantidad de retroceso en una expresión regular. NOTA: este problema se debe a una corrección incompleta de CVE-2013-4287. • http://blog.rubygems.org/2013/09/24/CVE-2013-4363.html http://www.openwall.com/lists/oss-security/2013/09/14/3 http://www.openwall.com/lists/oss-security/2013/09/18/8 http://www.openwall.com/lists/oss-security/2013/09/20/1 https://puppet.com/security/cve/cve-2013-4363 • CWE-310: Cryptographic Issues •
CVE-2013-4287 – rubygems: version regex algorithmic complexity vulnerability
https://notcve.org/view.php?id=CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. Vulnerabilidad en la complejidad algorítmicade Gem :: Versión :: VERSION_PATTERN en lib / rubygems / version.rb de RubyGems antes 1.8.23.1, 1.8.24 hasta 1.8.25, 2.0.x antes de 2.0.8, y 2.1.x anterior a 2.1.0 , como se usa en Ruby 1.9.0 hasta 2.0.0p247, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de una versión de una gem manipulada que provoca una gran cantidad de retroceso en una expresión regular. • http://blog.rubygems.org/2013/09/09/CVE-2013-4287.html http://rhn.redhat.com/errata/RHSA-2013-1427.html http://rhn.redhat.com/errata/RHSA-2013-1441.html http://rhn.redhat.com/errata/RHSA-2013-1523.html http://rhn.redhat.com/errata/RHSA-2013-1852.html http://rhn.redhat.com/errata/RHSA-2014-0207.html http://secunia.com/advisories/55381 http://www.openwall.com/lists/oss-security/2013/09/10/1 https://puppet.com/security/cve/cve-2013-4287 https://acces • CWE-310: Cryptographic Issues CWE-400: Uncontrolled Resource Consumption •