Lucene search
Veracode Vulnerability DatabaseVERACODE:27520HistoryOct 04, 2020 - 4:48 a.m.
Directory Traversal
2020-10-0404:48:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
142
ruby
directory traversal
vulnerability
file.fnmatch
mishandles
path checking
software
EPSS
0.004
Percentile
74.4%
ruby is vulnerable to directory traversal. It mishandles path checking within File.fnmatch functions.
References
lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
hackerone.com/reports/449617
lists.debian.org/debian-lts-announce/2019/11/msg00025.html
seclists.org/bugtraq/2019/Dec/31
seclists.org/bugtraq/2019/Dec/32
security.gentoo.org/glsa/202003-06
usn.ubuntu.com/4201-1/
www.debian.org/security/2019/dsa-4587
www.oracle.com/security-alerts/cpujan2020.html
Related
nvd
nvd
CVE-2019-15845
2019-11-26 17:15:11
ubuntucve
ubuntucve
CVE-2019-15845
2019-11-20 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-15845 affecting package ruby 2.6.3-3
2021-06-09 03:50:37
debiancve
debiancve
CVE-2019-15845
2019-11-26 17:15:11
rubygems
rubygems
A NUL injection vulnerability of File.fnmatch and File.fnmatch?
2019-09-30 21:00:00
osv
osv
CVE-2019-15845
2019-11-26 17:15:11
ruby2.3 - security update
2019-12-17 00:00:00
ruby2.1 - security update
2019-11-25 00:00:00
alpinelinux
alpinelinux
CVE-2019-15845
2019-11-26 17:15:11
cvelist
cvelist
CVE-2019-15845
2019-11-26 16:45:08
prion
prion
Design/Logic Flaw
2019-11-26 17:15:00
redhatcve
redhatcve
CVE-2019-15845
2020-01-09 14:09:04
cve
cve
CVE-2019-15845
2019-11-26 17:15:11
nessus
nessus
Photon OS 2.0: Ruby PHSA-2019-2.0-0196
2020-01-16 00:00:00
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1324)
2020-03-23 00:00:00
Photon OS 1.0: Ruby PHSA-2019-1.0-0263
2020-01-16 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1324)
2020-03-24 00:00:00
Debian: Security Advisory (DSA-4587-1)
2019-12-18 00:00:00
Mageia: Security Advisory (MGASA-2019-0408)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 4587-1] ruby2.3 security update
2019-12-17 09:56:14
[SECURITY] [DSA 4586-1] ruby2.5 security update
2019-12-17 09:37:05
[SECURITY] [DSA 4587-1] ruby2.3 security update
2019-12-17 09:56:14
freebsd
freebsd
ruby -- multiple vulnerabilities
2019-10-01 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2020-03-13 00:00:00
symantec
symantec
Ruby Multiple Security Vulnerabilities
2019-10-01 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2019-11-26 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2019-12-25 22:08:41
cloudfoundry
cloudfoundry
USN-4201-1: Ruby vulnerabilities | Cloud Foundry
2019-12-05 00:00:00
archlinux
archlinux
[ASA-201910-2] ruby: multiple issues
2019-10-02 00:00:00
[ASA-201910-5] ruby2.5: multiple issues
2019-10-02 00:00:00
amazon
amazon
Important: ruby
2024-02-29 10:03:00
Important: ruby24
2020-08-26 23:09:00
suse
suse
Recommended update for ruby2.5 (important)
2020-03-28 00:00:00
photon
photon
rocky
rocky
ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
redhat
redhat
oraclelinux
oraclelinux
ruby:2.5 security, bug fix, and enhancement update
2021-07-02 00:00:00
ruby:2.6 security, bug fix, and enhancement update
2021-07-07 00:00:00
almalinux
almalinux
Moderate: ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
Moderate: ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00