Search CVE reports

Toggle filters

71 – 71 of 71 results

CVE-2017-17790

Medium priority

Some fixes available 4 of 5

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different...

3 affected packages

ruby2.5, ruby1.9.1, ruby2.3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ruby2.5 Fixed
ruby1.9.1 Not in release
ruby2.3 Not in release
Show less packages
  1. Previous page
  2. 4
  3. 5
  4. 6
  5. 7
  6. 8
  7. Next page
Export to JSON