CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
Percentile
93.4%
Secunia reports:
Two vulnerabilities have been reported in Ruby, which can
be exploited by malicious people to bypass certain security
restrictions.
An error in the handling of the “alias” functionality
can be exploited to bypass the safe level protection and
replace methods called in the trusted level.
An error caused due to directory operations not being
properly checked can be exploited to bypass the safe
level protection and close untainted directory streams.