Lucene search
PRIOn knowledge basePRION:CVE-2019-8324HistoryJun 17, 2019 - 7:15 p.m.
Code injection
2019-06-1719:15:00
PRIOn knowledge base
www.prio-n.com
5
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
Related
attackerkb
attackerkb
Installing a malicious gem may lead to arbitrary code execution
2020-03-17 00:00:00
almalinux
almalinux
Important: ruby:2.5 security update
2019-07-30 11:16:25
nessus
nessus
CentOS 8 : ruby:2.5 (CESA-2019:1972)
2021-01-29 00:00:00
RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2019:1151)
2024-04-28 00:00:00
Rocky Linux 8 : ruby:2.5 (RLSA-2019:1972)
2023-11-06 00:00:00
osv
osv
Important: ruby:2.5 security update
2019-07-30 11:16:25
Code injection in RubyGems
2019-06-20 16:06:11
Important: ruby:2.5 security update
2019-07-30 11:16:25
nvd
nvd
CVE-2019-8324
2019-06-17 19:15:11
alpinelinux
alpinelinux
CVE-2019-8324
2019-06-17 19:15:11
redhatcve
redhatcve
CVE-2019-8324
2019-10-16 00:15:52
debiancve
debiancve
CVE-2019-8324
2019-06-17 19:15:11
github
github
Code injection in RubyGems
2019-06-20 16:06:11
ubuntucve
ubuntucve
CVE-2019-8324
2019-03-27 00:00:00
oraclelinux
oraclelinux
ruby:2.5 security update
2019-08-05 00:00:00
ruby security update
2019-05-16 00:00:00
ruby security update
2019-08-13 00:00:00
redhat
redhat
(RHSA-2019:1972) Important: ruby:2.5 security update
2019-07-30 11:16:25
(RHSA-2019:1151) Important: rh-ruby23-ruby security update
2019-05-13 09:02:13
(RHSA-2019:1235) Important: ruby security update
2019-05-15 17:11:12
cve
cve
CVE-2019-8324
2019-06-17 19:15:11
rocky
rocky
ruby:2.5 security update
2019-07-30 11:16:25
veracode
veracode
Arbitrary Code Execution
2019-05-16 03:48:47
cvelist
cvelist
CVE-2019-8324
2019-06-17 18:59:30
openvas
openvas
CentOS Update for ruby CESA-2019:1235 centos7
2019-05-22 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1597)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1735-1)
2019-04-02 00:00:00
amazon
amazon
Important: ruby
2019-07-18 18:14:00
Important: ruby20, ruby21, ruby24
2019-08-07 22:58:00
f5
f5
debian
debian
[SECURITY] [DLA 1735-1] ruby2.1 security update
2019-03-29 08:53:04
[SECURITY] [DSA 4433-1] ruby2.3 security update
2019-04-16 20:57:32
[SECURITY] [DLA 1796-1] jruby security update
2019-05-20 11:06:55
centos
centos
ruby, rubygem, rubygems security update
2019-05-21 21:25:00
fedora
fedora
[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29
2019-05-03 03:43:05
[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28
2019-05-10 01:35:27
cloudfoundry
cloudfoundry
USN-3945-1: Ruby vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
freebsd
freebsd
RubyGems -- multiple vulnerabilities
2019-03-05 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2019-04-11 00:00:00
mageia
mageia
Updated jruby packages fix security vulnerabilities
2020-11-27 23:14:57
Updated ruby-RubyGems packages fix security vulnerability
2020-06-11 00:39:20
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z
2019-07-15 22:35:01
suse
suse
Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)
2019-07-21 00:00:00