Vulnerability Details: CVE-2018-1000079
RubyGems as shipped with Ruby 2.2 series (2.2.9 and earlier), Ruby 2.3 series (2.3.6 and earlier), Ruby 2.4 series (2.4.3 and earlier) and Ruby 2.5 series (2.5.0 and earlier), prior to trunk revision 62422, contains a directory traversal vulnerability in gem installation: a gem can write to arbitrary filesystem locations while it is being installed. The issue is exploitable only when the victim installs a malicious gem. This vulnerability appears to have been fixed in RubyGems 2.7.6.
Vulnerability category: Directory traversal
Products affected by CVE-2018-1000079
- cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1000079
- EPSS score: 1.03% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~82% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2018-1000079
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST |
5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.8 | 3.6 | NIST |
CWE ids for CVE-2018-1000079
- The product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2018-1000079
- RHSA-2020:0542 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2020:0542)
- USN-3621-1: Ruby vulnerabilities | Ubuntu security notices (https://usn.ubuntu.com/3621-1/)
- 2.7.6 Released - RubyGems Blog [Vendor Advisory] (http://blog.rubygems.org/2018/02/15/2.7.6-released.html)
- Debian -- Security Information -- DSA-4259-1 ruby2.3 (https://www.debian.org/security/2018/dsa-4259)
- RHSA-2018:3731 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2018:3731)
- RHSA-2018:3729 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2018:3729)
- [SECURITY] [DLA 1421-1] ruby2.1 security update (https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html)
- RHSA-2020:0591 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2020:0591)
- RHSA-2018:3730 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2018:3730)
- Implement a safe mkdir for package that verifies we're inside the dest… · rubygems/rubygems@666ef79 · GitHub [Patch; Third Party Advisory] (https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099)
- [security-announce] openSUSE-SU-2019:1771-1: important: Security update (http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html)
- RHSA-2020:0663 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2020:0663)
- Add bug fix for #270068 · rubygems/rubygems@f83f911 · GitHub [Patch; Third Party Advisory] (https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759)
- Debian -- Security Information -- DSA-4219-1 jruby (https://www.debian.org/security/2018/dsa-4219)
- RHSA-2019:2028 - Security Advisory - Red Hat Customer Portal (https://access.redhat.com/errata/RHSA-2019:2028)