vulnerability

Ubuntu: USN-3808-1 (CVE-2018-16396): Ruby vulnerabilities

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Oct 17, 2018
Added
Nov 13, 2018
Modified
Nov 27, 2024

Description

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

Solution(s)

ubuntu-upgrade-libruby1-9-1ubuntu-upgrade-libruby2-0ubuntu-upgrade-libruby2-3ubuntu-upgrade-libruby2-5ubuntu-upgrade-ruby1-9-1ubuntu-upgrade-ruby1-9-3ubuntu-upgrade-ruby2-0ubuntu-upgrade-ruby2-3ubuntu-upgrade-ruby2-5
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.