Vulnetix
Try Vulnetix Request Demo
GCVE-VVD-MAGEIA-2017-290
Advisory Published
Vulnetix · Advisory published August 20, 2017
It was discovered that Ruby Net::SMTP incorrectly handled CRLF sequences. A remote attacker could possibly use this issue to inject SMTP commands. (CVE-2015-9096) Marcin Noga discovered that Ruby incorrectly handled certain arguments in a TclTkIp class method. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-2337) It was discovered that Ruby Fiddle::Function.new incorrectly handled certain arguments. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-2339)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaruby0 (affected), 2.0.0.p648-1.4.mga5 (unaffected)
Mageiaruby0 (affected), 2.2.7-1.mga6 (unaffected)

Aliases

CVE-2016-2339CVE-2016-2337

Transitive aliases

VVD-GENTOO-2017-605536GSD-2016-2337EUVD-2016-3421GHSA-f58m-77qc-8gjvBDU:2017-01650EUVD-2016-3423CNVD-2016-04316BDU:2017-01651GHSA-c4w7-m676-pcvp

References

Updated ruby packages fix security vulnerabilities
advisory
Updated ruby packages fix security vulnerabilities
advisory
Updated ruby packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON