cbcvebase.
CVE-2018-8780
published 2018-04-03

CVE-2018-8780: In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty?…

PriorityP351critical9.1CVSS 3.0
AVNACLPRNUINSUCHIHAN
EPSS
10.10%
95.1th percentile
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
applemacos_high_sierra_10.13.6_security_update_2018-004_sierra_security_update_2018-0
applemacos_mojave_10.14.1_security_update_2018-002_high_sierra_security_update_2018-0
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiandebian_linux
debiandebian_linux
ruby-langruby< 2.2.102.2.10
ruby-langruby
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.5.1-r02.5.1-r0
ruby-langruby>= 0 < 2.3.7-r02.3.7-r0

CVSS provenance

nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.1CRITICAL
vendor_redhat9.1CRITICAL
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.