VDB
MGASA-2018-0411
MGASA-2018-0411
PUBLISHED
CVSS 7 HIGH
Updated ruby packages fix security vulnerability
Risk Scores
CVSS v4.0
7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia:6 | ruby | 0, 0 |
Timeline
- Oct 26, 2018 CVE Published
- Apr 16, 2026 CVE Updated
References
- https://advisories.mageia.org/MGASA-2018-0411.html advisory
- https://bugs.mageia.org/show_bug.cgi?id=22844 report
- https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/ url
- https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/ url
- https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/ url
- https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/ url
- https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/ url
- https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/ url
- https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/ url
- https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/ url
- https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-2-10-released/ url