CVE-2019-17383

Published October 9th, 2019

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECTS

Description

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.

netaddr

A Ruby library for performing calculations on IPv4 and IPv6 subnets.

RubyGems

30.6M

dspinhirne/netaddr-rb

A Ruby library for performing calculations on IPv4 and IPv6 subnets.

GitHub