CVE-2019-8322
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-8322
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-8322.json
- Aliases
- Related
- Published
- 2019-06-17T20:15:10Z
- Modified
- 2023-11-29T07:40:49.623363Z
- Details
-
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
- References
Affected packages
Alpine:v3.6 / ruby
Package
- Name
- ruby
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.4.6-r0
Affected versions
1.*
1.8.7_p72-r1
1.8.7_p72-r2
1.8.7_p160-r2
1.8.7_p160-r3
1.8.7_p174-r0
1.8.7_p174-r1
1.8.7_p174-r2
1.8.7_p174-r3
1.8.7_p174-r4
1.8.7_p174-r6
1.8.7_p174-r7
1.8.7_p299-r0
1.8.7_p299-r1
1.8.7_p299-r2
1.8.7_p352-r0
1.8.7_p352-r1
1.8.7_p358-r1
1.9.3_p194-r0
1.9.3_p286-r0
1.9.3_p286-r1
1.9.3_p286-r2
1.9.3_p327-r0
1.9.3_p362-r0
1.9.3_p374-r0
1.9.3_p385-r0
1.9.3_p392-r0
2.*
2.0.0_p0-r0
2.0.0_p0-r1
2.0.0_p195-r0
2.0.0_p247-r0
2.0.0_p247-r1
2.0.0_p247-r2
2.0.0_p247-r3
2.0.0_p353-r0
2.0.0_p353-r1
2.0.0_p353-r2
2.0.0_p481-r0
2.1.5-r0
2.1.5-r1
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.3-r0
2.2.3-r1
2.2.4-r0
2.3.1-r0
2.3.1-r1
2.3.1-r2
2.3.2-r0
2.3.3-r0
2.3.3-r1
2.3.3-r2
2.3.3-r3
2.4.0-r3
2.4.1-r3
2.4.2-r3
2.4.3-r3
2.4.4-r3
2.4.5-r3
Alpine:v3.7 / ruby
Package
- Name
- ruby
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.4.6-r0
Affected versions
1.*
1.8.7_p72-r1
1.8.7_p72-r2
1.8.7_p160-r2
1.8.7_p160-r3
1.8.7_p174-r0
1.8.7_p174-r1
1.8.7_p174-r2
1.8.7_p174-r3
1.8.7_p174-r4
1.8.7_p174-r6
1.8.7_p174-r7
1.8.7_p299-r0
1.8.7_p299-r1
1.8.7_p299-r2
1.8.7_p352-r0
1.8.7_p352-r1
1.8.7_p358-r1
1.9.3_p194-r0
1.9.3_p286-r0
1.9.3_p286-r1
1.9.3_p286-r2
1.9.3_p327-r0
1.9.3_p362-r0
1.9.3_p374-r0
1.9.3_p385-r0
1.9.3_p392-r0
2.*
2.0.0_p0-r0
2.0.0_p0-r1
2.0.0_p195-r0
2.0.0_p247-r0
2.0.0_p247-r1
2.0.0_p247-r2
2.0.0_p247-r3
2.0.0_p353-r0
2.0.0_p353-r1
2.0.0_p353-r2
2.0.0_p481-r0
2.1.5-r0
2.1.5-r1
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.3-r0
2.2.3-r1
2.2.4-r0
2.3.1-r0
2.3.1-r1
2.3.1-r2
2.3.2-r0
2.3.3-r0
2.3.3-r1
2.3.3-r2
2.3.3-r3
2.4.0-r3
2.4.1-r3
2.4.2-r3
2.4.3-r3
2.4.4-r3
2.4.5-r3
Alpine:v3.8 / ruby
Package
- Name
- ruby
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.5.5-r0
Affected versions
1.*
1.8.7_p72-r1
1.8.7_p72-r2
1.8.7_p160-r2
1.8.7_p160-r3
1.8.7_p174-r0
1.8.7_p174-r1
1.8.7_p174-r2
1.8.7_p174-r3
1.8.7_p174-r4
1.8.7_p174-r6
1.8.7_p174-r7
1.8.7_p299-r0
1.8.7_p299-r1
1.8.7_p299-r2
1.8.7_p352-r0
1.8.7_p352-r1
1.8.7_p358-r1
1.9.3_p194-r0
1.9.3_p286-r0
1.9.3_p286-r1
1.9.3_p286-r2
1.9.3_p327-r0
1.9.3_p362-r0
1.9.3_p374-r0
1.9.3_p385-r0
1.9.3_p392-r0
2.*
2.0.0_p0-r0
2.0.0_p0-r1
2.0.0_p195-r0
2.0.0_p247-r0
2.0.0_p247-r1
2.0.0_p247-r2
2.0.0_p247-r3
2.0.0_p353-r0
2.0.0_p353-r1
2.0.0_p353-r2
2.0.0_p481-r0
2.1.5-r0
2.1.5-r1
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.3-r0
2.2.3-r1
2.2.4-r0
2.3.1-r0
2.3.1-r1
2.3.1-r2
2.3.2-r0
2.3.3-r0
2.3.3-r1
2.3.3-r2
2.3.3-r3
2.4.0-r3
2.4.1-r3
2.4.2-r3
2.4.3-r3
2.5.0-r3
2.5.1-r3
2.5.2-r3
Alpine:v3.9 / ruby
Package
- Name
- ruby
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.5.5-r0
Affected versions
1.*
1.8.7_p72-r1
1.8.7_p72-r2
1.8.7_p160-r2
1.8.7_p160-r3
1.8.7_p174-r0
1.8.7_p174-r1
1.8.7_p174-r2
1.8.7_p174-r3
1.8.7_p174-r4
1.8.7_p174-r6
1.8.7_p174-r7
1.8.7_p299-r0
1.8.7_p299-r1
1.8.7_p299-r2
1.8.7_p352-r0
1.8.7_p352-r1
1.8.7_p358-r1
1.9.3_p194-r0
1.9.3_p286-r0
1.9.3_p286-r1
1.9.3_p286-r2
1.9.3_p327-r0
1.9.3_p362-r0
1.9.3_p374-r0
1.9.3_p385-r0
1.9.3_p392-r0
2.*
2.0.0_p0-r0
2.0.0_p0-r1
2.0.0_p195-r0
2.0.0_p247-r0
2.0.0_p247-r1
2.0.0_p247-r2
2.0.0_p247-r3
2.0.0_p353-r0
2.0.0_p353-r1
2.0.0_p353-r2
2.0.0_p481-r0
2.1.5-r0
2.1.5-r1
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.3-r0
2.2.3-r1
2.2.4-r0
2.3.1-r0
2.3.1-r1
2.3.1-r2
2.3.2-r0
2.3.3-r0
2.3.3-r1
2.3.3-r2
2.3.3-r3
2.4.0-r3
2.4.1-r3
2.4.2-r3
2.4.3-r3
2.5.0-r3
2.5.1-r3
2.5.2-r3
2.5.3-r3