VDB

GCVE-110-MAGEIA-2017-482

GCVE-110-MAGEIA-2017-482
Advisory Published
Vulnetix · Advisory published December 31, 2017
An ANSI escape sequence vulnerability (CVE-2017-0899). A DoS vulnerability in the query command (CVE-2017-0900). A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files (CVE-2017-0901). A DNS request hijacking vulnerability (CVE-2017-0902). An unsafe object deserialization vulnerability that allows an attacker to inject an instance of an object of their choosing in the target system. A clever attacker can inject an object that is able to interact with the system in such a way that will allow the attacker to execute arbitrary code (CVE-2017-0903).

Affected Products

VendorProductVersionsPlatforms
Mageiaruby-RubyGems2.4.8-7.1.mga6 (unaffected), 0 (affected)
Mageiaruby-RubyGems0 (affected), 2.1.11-5.2.mga5 (unaffected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›