vulnerability
CentOS Linux: CVE-2018-16396: Moderate: ruby security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Nov 16, 2018 | Aug 28, 2019 | May 25, 2023 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Nov 16, 2018
Added
Aug 28, 2019
Modified
May 25, 2023
Description
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
Solutions
centos-upgrade-rubycentos-upgrade-ruby-debuginfocentos-upgrade-ruby-develcentos-upgrade-ruby-doccentos-upgrade-ruby-irbcentos-upgrade-ruby-libscentos-upgrade-ruby-tcltkcentos-upgrade-rubygem-bigdecimalcentos-upgrade-rubygem-io-consolecentos-upgrade-rubygem-jsoncentos-upgrade-rubygem-minitestcentos-upgrade-rubygem-psychcentos-upgrade-rubygem-rakecentos-upgrade-rubygem-rdoccentos-upgrade-rubygemscentos-upgrade-rubygems-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.