RHEL 7 : rh-ruby25-ruby (RHSA-2019:1148)
Discription

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1148 advisory. rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320) rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321) rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322) rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323) rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324) rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More

Back to Main

Subscribe for the latest news: