Contents

---
gem: netaddr
cve: 2019-17383
ghsa: 49pj-69vf-c689
url: https://github.com/dspinhirne/netaddr-rb/pull/20
date: 2019-10-14
title: netaddr world-writeable file permissions
description: |
  The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions,
  such that a gem install may result in 0777 permissions in the target filesystem.
cvss_v3: 9.8
patched_versions:
- ">= 2.0.4"

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
bundler-audit-0.7.0.1	data/ruby-advisory-db/gems/netaddr/CVE-2019-17383.yml