CVE-2017-0900

Published August 31st, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.

ruby/rubygems

Library packaging and distribution for Ruby.

GitHub

3.93K