Sha256: 7cbb4cba4ac8b0f1281b45029ca02e00070e7467323bd9d94733b580638c1e80
Contents?: true
Size: 490 Bytes
Versions: 2
Compression:
Stored size: 490 Bytes
Contents
--- library: rubygems cve: 2017-0901 url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html title: RubyGems vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files date: 2017-08-29 description: | RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem. cvss_v2: 6.4 patched_versions: - ">= 2.4.5.3" - ">= 2.5.2.1" - ">= 2.6.13"
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-budit-0.6.2 | data/ruby-advisory-db/libraries/rubygems/CVE-2017-0901.yml |
| bundler-budit-0.6.1 | data/ruby-advisory-db/libraries/rubygems/CVE-2017-0901.yml |