PT-2018-3136 · Ruby · Rubygems
Segiddins · Published 2018-02-15 · Updated 2022-05-14 · CVE-2018-1000079
CVSS v3.1: 5.5 (Medium)
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
RubyGems versions 2.2.9 and earlier
RubyGems versions 2.3.6 and earlier
RubyGems versions 2.4.3 and earlier
RubyGems versions 2.5.0 and earlier
RubyGems prior to trunk revision 62422
Description
The issue is a directory traversal vulnerability in gem installation: a crafted gem can cause files to be written to arbitrary filesystem locations during installation, so installing a malicious gem is sufficient to exploit it. The root cause is improper restriction of the file path names inside a gem to the intended installation directory.
Recommendations
For RubyGems versions 2.2.9 and earlier, update to a version newer than 2.7.6.
For RubyGems versions 2.3.6 and earlier, update to a version newer than 2.7.6.
For RubyGems versions 2.4.3 and earlier, update to a version newer than 2.7.6.
For RubyGems versions 2.5.0 and earlier, update to a version newer than 2.7.6.
For RubyGems prior to trunk revision 62422, update to a version newer than 2.7.6.
As a temporary workaround, avoid installing gems from untrusted sources until RubyGems has been updated.
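The check that this vulnerability class calls for, as an added illustration written for this entry (not RubyGems' own implementation): resolve every file entry listed in a gem's data archive against the intended install directory before extraction and reject any entry that would land outside it. The install directory and the entry list below are constructed for the example.

```ruby
require 'pathname'

# Assumed install root for the example gem (constructed value).
INSTALL_DIR = '/opt/gems/example-1.0.0'.freeze

# Returns true only when +entry+ (a path as listed in the gem's data
# archive) resolves to a location inside +install_dir+.
def safe_install_path?(install_dir, entry)
  # Absolute paths and '~'-prefixed paths escape the install root outright.
  return false if entry.start_with?('/', '~')

  root = Pathname.new(install_dir).cleanpath
  # Lexical resolution: '..' segments are consumed against the root.
  dest = (root + entry).cleanpath

  # Compare against "root/" rather than "root" alone, otherwise a sibling
  # such as /opt/gems/example-1.0.0-evil would pass a plain prefix check.
  dest == root || dest.to_s.start_with?(root.to_s + File::SEPARATOR)
end

# Splits +entries+ into [allowed, rejected] for the given install root.
def audit_gem_entries(install_dir, entries)
  entries.partition { |e| safe_install_path?(install_dir, e) }
end

# Constructed sample of entries as they might be listed from a gem's
# data.tar.gz: three legitimate files and four that escape the root.
SAMPLE_ENTRIES = [
  'lib/example.rb',
  'lib/example/version.rb',
  'lib/./util.rb',                 # harmless '.' segment, still inside
  '../../../tmp/outside.txt',      # classic '../' traversal
  '/tmp/absolute.txt',             # absolute path
  'lib/../../escape.rb',           # traversal hidden mid-path
  '../example-1.0.0-evil/x'        # sibling with the same prefix
].freeze

if __FILE__ == $PROGRAM_NAME
  allowed, rejected = audit_gem_entries(INSTALL_DIR, SAMPLE_ENTRIES)
  puts "allowed:  #{allowed.inspect}"
  puts "rejected: #{rejected.inspect}"
end
```

The check is purely lexical on the archive's path strings; symlink entries inside the archive need a separate check, since a link pointing outside the root followed by a file written through it bypasses this test.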
Path traversal
Affected Products
Centos
Red Hat
Rubygems
Suse
Ubuntu