Lucene search
GoogleOSV:GHSA-3H4R-PJV6-CPH9HistoryJun 20, 2019 - 4:05 p.m.
RubyGems Escape sequence injection vulnerability in api response handling
2019-06-2016:05:57
Google
osv.dev
7
0.002 Low
EPSS
Percentile
58.3%
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
References
lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8323.yml
hackerone.com/reports/315081
lists.debian.org/debian-lts-announce/2020/08/msg00027.html
nvd.nist.gov/vuln/detail/CVE-2019-8323
Related
github
github
RubyGems Escape sequence injection vulnerability in api response handling
2019-06-20 16:05:57
veracode
veracode
Escape Sequence Injection
2019-05-16 03:48:47
osv
osv
CVE-2019-8323
2019-06-17 20:15:10
ruby2.1 - security update
2019-03-29 00:00:00
ruby:2.5 bug fix and enhancement update
2019-11-05 17:38:32
ubuntucve
ubuntucve
CVE-2019-8323
2019-03-27 00:00:00
nvd
nvd
CVE-2019-8323
2019-06-17 20:15:10
cve
cve
CVE-2019-8323
2019-06-17 20:15:10
prion
prion
Design/Logic Flaw
2019-06-17 20:15:00
debiancve
debiancve
CVE-2019-8323
2019-06-17 20:15:10
alpinelinux
alpinelinux
CVE-2019-8323
2019-06-17 20:15:10
redhatcve
redhatcve
CVE-2019-8323
2020-04-02 08:32:55
cvelist
cvelist
CVE-2019-8323
2019-06-17 19:01:32
openvas
openvas
CentOS Update for ruby CESA-2019:1235 centos7
2019-05-22 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1597)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1735-1)
2019-04-02 00:00:00
amazon
amazon
Important: ruby
2019-07-18 18:14:00
Important: ruby20, ruby21, ruby24
2019-08-07 22:58:00
nessus
nessus
Amazon Linux 2 : ruby (ALAS-2019-1249)
2019-07-24 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : ruby Multiple Vulnerabilities (NS-SA-2019-0084)
2019-08-12 00:00:00
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1597)
2019-05-29 00:00:00
f5
f5
centos
centos
ruby, rubygem, rubygems security update
2019-05-21 21:25:00
debian
debian
[SECURITY] [DLA 1735-1] ruby2.1 security update
2019-03-29 08:53:04
[SECURITY] [DSA 4433-1] ruby2.3 security update
2019-04-16 20:57:32
[SECURITY] [DLA 1796-1] jruby security update
2019-05-20 11:06:55
rocky
rocky
2.5 bug fix and enhancement update
2019-11-05 17:38:32
oraclelinux
oraclelinux
ruby security update
2019-05-16 00:00:00
ruby security update
2019-08-13 00:00:00
redhat
redhat
(RHSA-2019:1235) Important: ruby security update
2019-05-15 17:11:12
freebsd
freebsd
RubyGems -- multiple vulnerabilities
2019-03-05 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28
2019-05-10 01:35:27
[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29
2019-05-03 03:43:05
cloudfoundry
cloudfoundry
USN-3945-1: Ruby vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2019-04-11 00:00:00
mageia
mageia
Updated jruby packages fix security vulnerabilities
2020-11-27 23:14:57
Updated ruby-RubyGems packages fix security vulnerability
2020-06-11 00:39:20
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z
2019-07-15 22:35:01
suse
suse
Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)
2019-07-21 00:00:00