RubyGems is prone to a security-bypass vulnerability.
Successful exploits may allow attackers to bypass security restrictions and perform unauthorized actions.
RubyGems version 2.6.12 and prior versions are affected.
Information
RubyGems RubyGems 2.4.6
RubyGems RubyGems 2.4.5
RubyGems RubyGems 2.4.4
RubyGems RubyGems 2.4.3
RubyGems RubyGems 2.4.2
RubyGems RubyGems 2.4.1
RubyGems RubyGems 2.4
RubyGems RubyGems 2.2.5
RubyGems RubyGems 2.2.4
RubyGems RubyGems 2.2.3
RubyGems RubyGems 2.2.2
RubyGems RubyGems 2.2.1
RubyGems RubyGems 2.2
RubyGems RubyGems 2.0.17
RubyGems RubyGems 2.0.16
RubyGems RubyGems 2.0.15
RubyGems RubyGems 2.0.14
RubyGems RubyGems 2.0.13
RubyGems RubyGems 2.0.12
RubyGems RubyGems 2.0.11
RubyGems RubyGems 2.0.10
RubyGems RubyGems 2.0.7
RubyGems RubyGems 2.0.6
RubyGems RubyGems 2.0.5
RubyGems RubyGems 2.0.4
RubyGems RubyGems 2.0.3
RubyGems RubyGems 2.0.2
RubyGems RubyGems 2.0.1
RubyGems RubyGems 2.0
RubyGems RubyGems 2.6.12
RubyGems RubyGems 2.1.4
RubyGems RubyGems 2.1.0
RubyGems RubyGems 2.0.9
RubyGems RubyGems 2.0.8
Redhat Enterprise Linux 6
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- Rubygems Homepage (Rubygems)
- 226335:Escape sequence injection in "summary" field (HackerOne)
- Bug 1487590 - (CVE-2017-0899) CVE-2017-0899 rubygems: Escape sequence in the "su (Redhat)
- CVE-2017-0899 (Redhat)