File tree Expand file tree Collapse file tree 4 files changed +72
-0
lines changed
Expand file tree Collapse file tree 4 files changed +72
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ engine : ruby
3+ cve : 2019-15845
4+ url : https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/
5+ title : A NUL injection vulnerability of File.fnmatch and File.fnmatch?
6+ date : 2019-10-01
7+ description : |
8+ Built-in methods File.fnmatch and its alias File.fnmatch? accept the path
9+ pattern as their first parameter. When the pattern contains NUL character
10+ (\0), the methods recognize that the path pattern ends immediately before the
11+ NUL byte. Therefore, a script that uses an external input as the pattern
12+ argument, an attacker can make it wrongly match a pathname that is the second
13+ parameter.
14+ patched_versions :
15+ - " ~> 2.4.8"
16+ - " ~> 2.5.7"
17+ - " ~> 2.6.5"
18+ - " > 2.7.0-preview1"
Original file line number Diff line number Diff line change 1+ ---
2+ engine : ruby
3+ cve : 2019-16201
4+ url : https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
5+ title : Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication
6+ date : 2019-10-01
7+ description : |
8+ Regular expression denial of service vulnerability of WEBrick’s Digest
9+ authentication module was found. An attacker can exploit this vulnerability
10+ to cause an effective denial of service against a WEBrick service.
11+ patched_versions :
12+ - " ~> 2.4.8"
13+ - " ~> 2.5.7"
14+ - " ~> 2.6.5"
15+ - " > 2.7.0-preview1"
Original file line number Diff line number Diff line change 1+ ---
2+ engine : ruby
3+ cve : 2019-16254
4+ url : https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
5+ title : HTTP response splitting in WEBrick (Additional fix)
6+ date : 2019-10-01
7+ description : |
8+ If a program using WEBrick inserts untrusted input into the response header,
9+ an attacker can exploit it to insert a newline character to split a header,
10+ and inject malicious content to deceive clients.
11+
12+ This is the same issue as CVE-2017-17742. The previous fix was incomplete,
13+ which addressed the CRLF vector, but did not address an isolated CR or an
14+ isolated LF.
15+ patched_versions :
16+ - " ~> 2.4.8"
17+ - " ~> 2.5.7"
18+ - " ~> 2.6.5"
19+ - " > 2.7.0-preview1"
Original file line number Diff line number Diff line change 1+ ---
2+ engine : ruby
3+ cve : 2019-16255
4+ url : https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/
5+ title : A code injection vulnerability of Shell#[] and Shell#test
6+ date : 2019-10-01
7+ description : |
8+ Shell#[] and its alias Shell#test defined in lib/shell.rb allow code
9+ injection if the first argument (aka the “command” argument) is untrusted
10+ data. An attacker can exploit this to call an arbitrary Ruby method.
11+
12+ Note that passing untrusted data to methods of Shell is dangerous in general.
13+ Users must never do it. However, we treat this particular case as a
14+ vulnerability because the purpose of Shell#[] and Shell#[] is considered file
15+ testing.
16+ patched_versions :
17+ - " ~> 2.4.8"
18+ - " ~> 2.5.7"
19+ - " ~> 2.6.5"
20+ - " > 2.7.0-preview1"
You can’t perform that action at this time.
0 commit comments