Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities

Bugtraq ID: 102204
Class: Input Validation Error
CVE: CVE-2017-17405
Remote: Yes
Local: No
Published: Dec 14 2017 12:00AM
Updated: Dec 18 2017 06:13PM
Credit: Etienne Stalmans from the Heroku product security team.
Vulnerable: Ruby-Lang Ruby 2.4.2
Ruby-Lang Ruby 2.4.1
Ruby-Lang Ruby 2.3.5
Ruby-Lang Ruby 2.3.4
Ruby-Lang Ruby 2.3
Ruby-Lang Ruby 2.2.8
Ruby-Lang Ruby 2.2.7
Ruby-Lang Ruby 2.4.0
Ruby-Lang Ruby 2.2.2
Redhat Subscription Asset Manager 1.0.0
Not Vulnerable: Ruby-Lang Ruby 2.4.3
Ruby-Lang Ruby 2.3.6
Ruby-Lang Ruby 2.2.9


 

Privacy Statement
Copyright 2010, SecurityFocus