Max CVSS 6.8 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-8324 6.8
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadabl
24-08-2020 - 17:37 17-06-2019 - 19:15
CVE-2019-8325 5.0
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
19-08-2020 - 19:01 17-06-2019 - 19:15
Back to Top Mark selected
Back to Top