Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml +++ security/vuxml/vuln.xml @@ -58,6 +58,37 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + rubygems -- multiple vulnerabilities + + + ruby22-gems + ruby23-gems + ruby24-gems + 2.6.13 + + + + +

Official blog of RubyGems reports:

+
The following vulnerabilities have been reported: a DNS request + hijacking vulnerability, an ANSI escape sequence vulnerability, a DoS + vulnerability in the query command, a vulnerability in the gem + installer that allowed a malicious gem to overwrite arbitrary + files.
+

+ + + + https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/ + + + 2017-08-29 + 2017-08-29 + + + kanboard -- multiple privilege escalation vulnerabilities