CVE-2017-0899

critical

Description

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.

References

http://blog.rubygems.org/2017/08/27/2.6.13-released.html

http://www.securityfocus.com/bid/100576

http://www.securitytracker.com/id/1039249

https://access.redhat.com/errata/RHSA-2017:3485

https://access.redhat.com/errata/RHSA-2018:0378

https://access.redhat.com/errata/RHSA-2018:0583

https://access.redhat.com/errata/RHSA-2018:0585

https://github.com/rubygems/rubygems/commit/1bcbc7fe637b03145401ec9c094066285934a7f1

https://github.com/rubygems/rubygems/commit/ef0aa611effb5f54d40c7fba6e8235eb43c5a491

https://hackerone.com/reports/226335

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://security.gentoo.org/glsa/201710-01

https://www.debian.org/security/2017/dsa-3966

Details

Source: MITRE

Published: 2017-08-31

Updated: 2019-10-09

Type: CWE-94

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL