CVE-2022-29218 : RubyGems is a package registry used to supply software for the Ruby language eco

RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious package. The bug has been patched, and is believed to have never been exploited, based on an extensive review of logs and existing gems by rubygems. The easiest way to ensure that an application has not been exploited by this vulnerability is to verify all downloaded .gems checksums match the checksum recorded in the RubyGems.org database. RubyGems.org has been patched and is no longer vulnerable to this issue.

Published 2022-05-13 01:15:07

Updated 2022-12-02 23:00:32

Source GitHub, Inc.

View at NVD, CVE.org

Products affected by CVE-2022-29218

Rubygems » Rubygems.org » Version: N/A
cpe:2.3:a:rubygems:rubygems.org:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-29218

EPSS FAQ

0.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 47 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-29218

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None
7.7	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N	3.1	4.0	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2022-29218

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Assigned by: security-advisories@github.com (Primary)
CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Assigned by: security-advisories@github.com (Primary)
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Assigned by: nvd@nist.gov (Secondary)

References for CVE-2022-29218

https://security.netapp.com/advisory/ntap-20220629-0010/

CVE-2022-29218 RubyGems Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://github.com/rubygems/rubygems.org/security/advisories/GHSA-2jmx-8mh8-pm8w

Unauthorized takeover for new versions of some platform-specific gems · Advisory · rubygems/rubygems.org · GitHub
Exploit;Third Party Advisory

Jump to

Vulnerability Details : CVE-2022-29218

Products affected by CVE-2022-29218

Exploit prediction scoring system (EPSS) score for CVE-2022-29218

CVSS scores for CVE-2022-29218

CWE ids for CVE-2022-29218

References for CVE-2022-29218