[FREEBSD:1DAEA60A-4719-11DA-B5C6-0004614CC33D] ruby -- vulnerability in the safe level settings
- Severity: High
- Affected Packages: 1
- CVEs: 1
The Ruby home page reports:
The Object Oriented Scripting Language Ruby supports
safely executing untrusted code with two mechanisms:
safe level and taint flag on objects.
A vulnerability has been found that allows bypassing
these mechanisms.
By using the vulnerability, arbitrary code can be executed
beyond the restrictions specified in each safe level.
Therefore, Ruby has to be updated on all systems that use
safe level to execute untrusted code.
Package | Affected Version |
---|---|
pkg:freebsd/ruby | > 1.6.*, < 1.6.8.2004.07.28_2 |
- ID: FREEBSD:1DAEA60A-4719-11DA-B5C6-0004614CC33D
- Severity: high
- Severity from: CVE-2005-2337
- URL: http://vuxml.freebsd.org/freebsd/1daea60a-4719-11da-b5c6-0004614cc33d.html
- Published: 2005-10-02T00:00:00
- Modified: 2005-10-27T00:00:00
- Rights: FreeBSD VuXML Security Team

Other Advisories
Source | ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | | | http://www.ruby-lang.org/en/20051003.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/ruby | | ruby | > 1.6.* < 1.6.8.2004.07.28_2 | | | |
CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Publication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|