CVE-2012-4522 ruby1.9.1

Metadata

medium
5.0
ruby1.9.1
CVE-2012-4522
2017-12-29 23:00
Moderate CentOS ruby Update
CVE-2012-4522 ruby1.8
CVE-2012-4522
2017-12-29 21:03
2017-06-16 19:00
2017-04-01 19:11
2017-01-05 20:16

Description

The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.

Am I vulnerable?

The constraints below list the versions in which this vulnerability is patched, and the versions that are unaffected. If a patch is ready but unreleased, it is marked as pending.

Or, you can just let us figure it out for you! Appcanary continuously monitors your installed packages and tells you if any of them are vulnerable.


Affected package information

Release   Package     Patched in
wheezy    ruby1.9.1   1.9.3.194-3