An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.

References

bugzilla.redhat.com/show_bug.cgi?id=1692514

nvd.nist.gov/vuln/detail/CVE-2019-8321

www.cve.org/CVERecord?id=CVE-2019-8321

alpinelinux 1

openvas 14

cve 1

nvd 1

osv 6

nessus 18

cvelist 1

prion 1

ubuntucve 1

debiancve 1

veracode 1

github 1

rubygems 1

centos 1

rocky 1

oraclelinux 2

redhat 5

fedora 2

cloudfoundry 1

debian 3

ubuntu 1

amazon 1

freebsd 1

mageia 2

suse 1

ibm 1

alpinelinux

CVE-2019-8321

2019-06-17 20:15:10

openvas

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1932)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1895)

2020-01-23 00:00:00

Fedora Update for ruby FEDORA-2019-feac6674b7

2019-05-10 00:00:00

cve

CVE-2019-8321

2019-06-17 20:15:10

nvd

CVE-2019-8321

2019-06-17 20:15:10

osv

RubyGems Escape sequence injection vulnerability in verbose

2019-06-20 16:06:04

CVE-2019-8321

2019-06-17 20:15:10

ruby:2.5 bug fix and enhancement update

2019-11-05 17:38:32

nessus

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1895)

2019-09-16 00:00:00

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1932)

2019-09-17 00:00:00

Amazon Linux AMI : ruby20 / ruby21, ruby24 (ALAS-2019-1255)

2019-08-13 00:00:00

cvelist

CVE-2019-8321

2019-06-17 19:02:34

prion

Design/Logic Flaw

2019-06-17 20:15:00

ubuntucve

CVE-2019-8321

2019-03-27 00:00:00

debiancve

CVE-2019-8321

2019-06-17 20:15:10

veracode

Escape Sequence Injection

2019-05-16 04:01:21

github

RubyGems Escape sequence injection vulnerability in verbose

2019-06-20 16:06:04

rubygems

Escape sequence injection vulnerability in verbose

2019-03-04 21:00:00

centos

ruby, rubygem, rubygems security update

2019-05-21 21:25:00

rocky

2.5 bug fix and enhancement update

2019-11-05 17:38:32

oraclelinux

ruby security update

2019-05-16 00:00:00

ruby security update

2019-08-13 00:00:00

redhat

(RHSA-2019:1235) Important: ruby security update

2019-05-15 17:11:12

(RHSA-2019:1150) Important: rh-ruby24-ruby security, bug fix, and enhancement update

2019-05-13 09:00:24

(RHSA-2019:1429) Important: CloudForms 4.7.5 security, bug fix and enhancement update

2019-06-11 05:28:05

fedora

[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28

2019-05-10 01:35:27

[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29

2019-05-03 03:43:05

cloudfoundry

USN-3945-1: Ruby vulnerabilities | Cloud Foundry

2019-04-12 00:00:00

debian

[SECURITY] [DSA 4433-1] ruby2.3 security update

2019-04-16 20:57:32

[SECURITY] [DLA 1796-1] jruby security update

2019-05-20 11:06:55

[SECURITY] [DLA 2330-1] jruby security update

2020-08-16 13:13:11

ubuntu

Ruby vulnerabilities

2019-04-11 00:00:00

amazon

Important: ruby20, ruby21, ruby24

2019-08-07 22:58:00

freebsd

RubyGems -- multiple vulnerabilities

2019-03-05 00:00:00

mageia

Updated jruby packages fix security vulnerabilities

2020-11-27 23:14:57

Updated ruby-RubyGems packages fix security vulnerability

2020-06-11 00:39:20

suse

Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)

2019-07-21 00:00:00

ibm

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z

2019-07-15 22:35:01

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.002

Percentile

58.3%

JSON

Related for RH:CVE-2019-8321