[USN-1603-1] Ruby vulnerabilities
Severity
Medium
CVEs
2
Ruby could allow excessive access in untrusted programs.
Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted
strings to be modified in protective safe levels. An attacker could use this
flaw to bypass intended access restrictions. (CVE-2012-4466, CVE-2012-4481)
- ID
- USN-1603-1
- Severity
- medium
- Severity from
- CVE-2012-4466
- URL
- https://ubuntu.com/security/notices/USN-1603-1
- Published
-
2012-10-10T22:27:18
(12 years ago) - Modified
-
2012-10-10T22:27:18
(12 years ago) - Other Advisories
-
- ALAS-2012-139
- ALAS-2013-173
- ELSA-2013-0129
- ELSA-2013-0612
- FEDORA-2012-15376
- FEDORA-2012-15395
- FEDORA-2012-15507
- FEDORA-2012-16086
- FEDORA-2012-18017
- FEDORA-2013-12062
- FEDORA-2013-3038
- FEDORA-2013-8411
- FREEBSD:2A093853-2495-11E2-B0C7-000D601460A4
- GLSA-201412-27
- RHSA-2013:0612
- USN-1602-1
- USN-1603-2
- USN-1614-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |