CVE-2017-0901
CVSS v3.0
7.5 (High)
CVSS v2.0
6.4 (Medium)
EPSS
0.88 % (83th)
Affected Products
9
Advisories
16
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- HackerOne
- Published Date
-
2017-08-31 20:29:00
(7 years ago) - Updated Date
-
2019-10-09 23:21:09
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...