CVE-2019-8324

MEDIUM

Description

An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.

References

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html

https://access.redhat.com/errata/RHSA-2019:1972

https://hackerone.com/reports/328571

https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html

Details

Source: MITRE

Published: 2019-06-17

Updated: 2020-08-24

Type: CWE-94

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:* versions from 2.6.0 to 3.0.2 (inclusive)

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
145670CentOS 8 : ruby:2.5 (CESA-2019:1972)NessusCentOS Local Security Checks
medium
139628Debian DLA-2330-1 : jruby security updateNessusDebian Local Security Checks
high
137897RHEL 7 : ruby (RHSA-2020:2769)NessusRed Hat Local Security Checks
medium
137599SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)NessusSuSE Local Security Checks
high
127811Amazon Linux AMI : ruby20 / ruby21,ruby24 (ALAS-2019-1255)NessusAmazon Linux Local Security Checks
high
127642RHEL 8 : ruby:2.5 (RHSA-2019:1972)NessusRed Hat Local Security Checks
medium
127610Oracle Linux 8 : ruby:2.5 (ELSA-2019-1972)NessusOracle Linux Local Security Checks
medium
127299NewStart CGSL CORE 5.05 / MAIN 5.05 : ruby Multiple Vulnerabilities (NS-SA-2019-0084)NessusNewStart CGSL Local Security Checks
medium
127292NewStart CGSL CORE 5.04 / MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0080)NessusNewStart CGSL Local Security Checks
medium
126961Amazon Linux 2 : ruby (ALAS-2019-1249)NessusAmazon Linux Local Security Checks
medium
126904openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)NessusSuSE Local Security Checks
high
126846EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-1718)NessusHuawei Local Security Checks
high
126617SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)NessusSuSE Local Security Checks
high
125569EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)NessusHuawei Local Security Checks
high
125524EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1597)NessusHuawei Local Security Checks
medium
125316CentOS 7 : ruby (CESA-2019:1235)NessusCentOS Local Security Checks
medium
125297Debian DLA-1796-1 : jruby security updateNessusDebian Local Security Checks
high
125208Scientific Linux Security Update : ruby on SL7.x x86_64 (20190515)NessusScientific Linux Local Security Checks
medium
125201RHEL 7 : ruby (RHSA-2019:1235)NessusRed Hat Local Security Checks
medium
125191Oracle Linux 7 : ruby (ELSA-2019-1235)NessusOracle Linux Local Security Checks
medium
124728Fedora 28 : ruby (2019-feac6674b7)NessusFedora Local Security Checks
high
124574Fedora 29 : ruby (2019-a155364f3c)NessusFedora Local Security Checks
high
124096Debian DSA-4433-1 : ruby2.3 - security updateNessusDebian Local Security Checks
high
123522Debian DLA-1735-1 : ruby2.1 security updateNessusDebian Local Security Checks
high
122883FreeBSD : RubyGems -- multiple vulnerabilities (27b12d04-4722-11e9-8b7c-b5e01141761f)NessusFreeBSD Local Security Checks
high