Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-3881 (GCVE-0-2019-3881)
Vulnerability from cvelistv5 – Published: 2020-09-04 00:00 – Updated: 2024-08-04 19:19
VLAI?
EPSS
Summary
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | rubygem-bundler |
Affected:
bundler versions before 2.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rubygem-bundler",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "bundler versions before 2.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-3881",
"datePublished": "2020-09-04T00:00:00.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:19:18.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-G98M-96G9-WFJQ
Vulnerability from github – Published: 2021-05-10 14:53 – Updated: 2023-07-05 20:18
VLAI?
Summary
Insecure path handling in Bundler
Details
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.
Severity ?
7.0 (High)
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "bundler"
},
"ranges": [
{
"events": [
{
"introduced": "1.14.0"
},
{
"fixed": "2.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-3881"
],
"database_specific": {
"cwe_ids": [
"CWE-427",
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-04T22:52:44Z",
"nvd_published_at": "2020-09-04T12:15:00Z",
"severity": "HIGH"
},
"details": "Bundler prior to 2.1.0 uses a predictable path in `/tmp/`, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.",
"id": "GHSA-g98m-96g9-wfjq",
"modified": "2023-07-05T20:18:22Z",
"published": "2021-05-10T14:53:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3881"
},
{
"type": "WEB",
"url": "https://github.com/rubygems/bundler/issues/6501"
},
{
"type": "WEB",
"url": "https://github.com/rubygems/bundler/pull/7416/commits/65cfebb041c454c246aaf32a177b0243915a9998"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-g98m-96g9-wfjq"
},
{
"type": "PACKAGE",
"url": "https://github.com/rubygems/bundler"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bundler/CVE-2019-3881.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Insecure path handling in Bundler"
}
GSD-2019-3881
Vulnerability from gsd - Updated: 2018-04-23 00:00Details
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with
insecure permissions as a storage location for gems, if locations under the user's
home directory are not available. If Bundler is used in a scenario where the user
does not have a writable home directory, an attacker could place malicious code
in this directory that would be later loaded and executed.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-3881",
"description": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.",
"id": "GSD-2019-3881",
"references": [
"https://www.suse.com/security/cve/CVE-2019-3881.html",
"https://access.redhat.com/errata/RHSA-2021:2588",
"https://access.redhat.com/errata/RHSA-2021:2230",
"https://linux.oracle.com/cve/CVE-2019-3881.html",
"https://ubuntu.com/security/CVE-2019-3881"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "bundler",
"purl": "pkg:gem/bundler"
}
}
],
"aliases": [
"CVE-2019-3881",
"GHSA-g98m-96g9-wfjq"
],
"details": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with\ninsecure permissions as a storage location for gems, if locations under the user\u0027s\nhome directory are not available. If Bundler is used in a scenario where the user\ndoes not have a writable home directory, an attacker could place malicious code\nin this directory that would be later loaded and executed.\n",
"id": "GSD-2019-3881",
"modified": "2018-04-23T00:00:00.000Z",
"published": "2018-04-23T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/advisories/GHSA-g98m-96g9-wfjq"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 7.0,
"type": "CVSS_V3"
}
],
"summary": "Insecure path handling in Bundler"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rubygem-bundler",
"version": {
"version_data": [
{
"version_value": "bundler versions before 2.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2019-3881",
"cvss_v3": 7.0,
"date": "2018-04-23",
"description": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with\ninsecure permissions as a storage location for gems, if locations under the user\u0027s\nhome directory are not available. If Bundler is used in a scenario where the user\ndoes not have a writable home directory, an attacker could place malicious code\nin this directory that would be later loaded and executed.\n",
"gem": "bundler",
"ghsa": "g98m-96g9-wfjq",
"patched_versions": [
"\u003e= 2.1.0"
],
"title": "Insecure path handling in Bundler",
"unaffected_versions": [
"\u003c 1.14.0"
],
"url": "https://github.com/advisories/GHSA-g98m-96g9-wfjq"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.1.0",
"affected_versions": "All versions before 2.1.0",
"cvss_v2": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-552",
"CWE-937"
],
"date": "2020-09-16",
"description": "Bundler uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.",
"fixed_versions": [
"2.1.0"
],
"identifier": "CVE-2019-3881",
"identifiers": [
"CVE-2019-3881"
],
"not_impacted": "All versions starting from 2.1.0",
"package_slug": "gem/bundler",
"pubdate": "2020-09-04",
"solution": "Upgrade to version 2.1.0 or above.",
"title": "Files or Directories Accessible to External Parties",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-3881",
"https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
],
"uuid": "6824d25e-fcf5-47a9-8492-8c2393aec12d"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bundler:bundler:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3881"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-11-08T19:50Z",
"publishedDate": "2020-09-04T12:15Z"
}
}
}
cve-2019-3881
Vulnerability from osv_almalinux
Published
2021-06-29 13:58
Modified
2023-09-15 13:41
Summary
Moderate: ruby:2.6 security, bug fix, and enhancement update
Details
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (2.6.7). (BZ#1952627)
Security Fix(es):
-
rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (CVE-2019-3881)
-
ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845)
-
ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201)
-
ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255)
-
rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663)
-
ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933)
-
ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)
-
ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)
-
ruby: HTTP response splitting in WEBrick (CVE-2019-16254)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [almalinux-8] (BZ#1954968)
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-abrt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.0-4.module_el8.5.0+259+8cec6917"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-abrt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.0-4.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-abrt-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.0-4.module_el8.5.0+259+8cec6917"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-abrt-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.0-4.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-bson"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.0-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-bson"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.0-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-bson-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.0-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-bson-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.0-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mongo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.8.0-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mongo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.8.0-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mongo-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.8.0-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mongo-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.8.0-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mysql2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.2-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mysql2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.2-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mysql2-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.2-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-mysql2-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.2-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-pg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.4-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-pg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.4-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-pg-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.4-1.module_el8.5.0+2623+08a8ba32"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "rubygem-pg-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.4-1.module_el8.5.0+250+ba22dbf7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nThe following packages have been upgraded to a later upstream version: ruby (2.6.7). (BZ#1952627)\n\nSecurity Fix(es):\n\n* rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (CVE-2019-3881)\n\n* ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845)\n\n* ruby: Regular expression denial of service vulnerability of WEBrick\u0027s Digest authentication (CVE-2019-16201)\n\n* ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255)\n\n* rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663)\n\n* ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933)\n\n* ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)\n\n* ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)\n\n* ruby: HTTP response splitting in WEBrick (CVE-2019-16254)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [almalinux-8] (BZ#1954968)",
"id": "ALSA-2021:2588",
"modified": "2023-09-15T13:41:48Z",
"published": "2021-06-29T13:58:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2021-2588.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-15845"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-16201"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-16254"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-16255"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-3881"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-10663"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-10933"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-25613"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-28965"
}
],
"related": [
"CVE-2019-3881",
"CVE-2019-15845",
"CVE-2019-16201",
"CVE-2019-16255",
"CVE-2020-10663",
"CVE-2020-10933",
"CVE-2020-25613",
"CVE-2021-28965",
"CVE-2019-16254"
],
"summary": "Moderate: ruby:2.6 security, bug fix, and enhancement update"
}
CVE-2019-3881
Vulnerability from fstec - Published: 30.07.2019
VLAI Severity ?
Title
Уязвимость менеджера управления пакетами gems проектов Ruby Bundler, связанная с использованием файлов и каталогов, доступных внешним сторонам, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость менеджера управления пакетами gems проектов Ruby Bundler связана с использованием файлов и каталогов, доступных внешним сторонам. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код
Severity ?
Vendor
Red Hat Inc., Novell Inc., Сообщество свободного программного обеспечения
Software Name
Red Hat Enterprise Linux, OpenSUSE Leap, Red Hat Software Collections, Bundler
Software Version
8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), - (Red Hat Software Collections), 15.2 (OpenSUSE Leap), до 1.17.3 (Bundler)
Possible Mitigations
Использование рекомендаций:
Для Bundler:
https://github.com/rubygems/bundler/pull/7416/files
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2019-3881/
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2019-3881
Reference
https://bugzilla.suse.com/show_bug.cgi?id=1143436
https://www.suse.com/security/cve/CVE-2019-3881/
https://github.com/rubygems/bundler/pull/7416/files
CWE
CWE-552
{
"CVSS 2.0": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), - (Red Hat Software Collections), 15.2 (OpenSUSE Leap), \u0434\u043e 1.17.3 (Bundler)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Bundler:\nhttps://github.com/rubygems/bundler/pull/7416/files\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-3881/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-3881",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "30.07.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.08.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.08.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-04070",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-3881",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, OpenSUSE Leap, Red Hat Software Collections, Bundler",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. OpenSUSE Leap 15.1 , Novell Inc. OpenSUSE Leap 15.2 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043a\u0435\u0442\u0430\u043c\u0438 gems \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 Ruby Bundler, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u0430\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0424\u0430\u0439\u043b\u044b \u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u0430\u043c (CWE-552)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043a\u0435\u0442\u0430\u043c\u0438 gems \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 Ruby Bundler \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u0430\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugzilla.suse.com/show_bug.cgi?id=1143436\nhttps://www.suse.com/security/cve/CVE-2019-3881/\nhttps://github.com/rubygems/bundler/pull/7416/files",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-552",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,7)"
}
CERTFR-2021-AVI-011
Vulnerability from certfr_avis - Published: 2021-01-08 - Updated: 2021-01-08
De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Certaines vulnérabilités n'ont pas encore d'identifiant CVE.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| GitLab | N/A | GitLab Community Edition et Entreprise Edition versions 13.7.x antérieures à 13.7.2 | ||
| GitLab | N/A | GitLab Community Edition et Entreprise Edition versions 13.5.x antérieures à 13.5.6 | ||
| GitLab | N/A | GitLab Community Edition et Entreprise Edition versions 13.6.x antérieures à 13.6.4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GitLab Community Edition et Entreprise Edition versions 13.7.x ant\u00e9rieures \u00e0 13.7.2",
"product": {
"name": "N/A",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition et Entreprise Edition versions 13.5.x ant\u00e9rieures \u00e0 13.5.6",
"product": {
"name": "N/A",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition et Entreprise Edition versions 13.6.x ant\u00e9rieures \u00e0 13.6.4",
"product": {
"name": "N/A",
"vendor": {
"name": "GitLab",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22166"
},
{
"name": "CVE-2019-3881",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3881"
},
{
"name": "CVE-2020-26414",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26414"
}
],
"initial_release_date": "2021-01-08T00:00:00",
"last_revision_date": "2021-01-08T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-011",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans GitLab. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n\nCertaines vuln\u00e9rabilit\u00e9s n\u0027ont pas encore d\u0027identifiant CVE.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans GitLab",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 GitLab du 07 janvier 2021",
"url": "https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/"
}
]
}
CERTFR-2021-AVI-788
Vulnerability from certfr_avis - Published: 2021-10-14 - Updated: 2021-10-14
De multiples vulnérabilités ont été découvertes dans IBM Cloud Foundry Migration Runtime. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cloud Foundry Migration Runtime versions ant\u00e9rieures \u00e0 4.1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-16201",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16201"
},
{
"name": "CVE-2019-16255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16255"
},
{
"name": "CVE-2020-25613",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25613"
},
{
"name": "CVE-2019-3881",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3881"
},
{
"name": "CVE-2021-28965",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28965"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2019-16254",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16254"
},
{
"name": "CVE-2020-10663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10663"
},
{
"name": "CVE-2019-15845",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15845"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2020-10933",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10933"
}
],
"initial_release_date": "2021-10-14T00:00:00",
"last_revision_date": "2021-10-14T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-788",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-10-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Cloud Foundry\nMigration Runtime. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cloud Foundry Migration Runtime",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6498497 du 13 octobre 2021",
"url": "https://www.ibm.com/support/pages/node/6498497"
}
]
}
FKIE_CVE-2019-3881
Vulnerability from fkie_nvd - Published: 2020-09-04 12:15 - Updated: 2024-11-21 04:42
Severity ?
Summary
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1651826 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1651826 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bundler:bundler:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "AA38E451-BFAE-4332-8320-2DFBED02F849",
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user\u0027s home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."
},
{
"lang": "es",
"value": "Bundler versiones anteriores a 2.1.0, usa una ruta predecible en /tmp/, creada con permisos no seguros como una ubicaci\u00f3n de almacenamiento para gemas, si las ubicaciones en el directorio de inicio del usuario no est\u00e1n disponibles.\u0026#xa0;Si Bundler es usado en un escenario donde el usuario no posee un directorio de inicio de escritura, un atacante podr\u00eda colocar un c\u00f3digo malicioso en este directorio que luego podr\u00eda ser cargado y ejecutado"
}
],
"id": "CVE-2019-3881",
"lastModified": "2024-11-21T04:42:47.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-04T12:15:10.387",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…