FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rubygems -- multiple vulnerabilities

Affected packages
	ruby22-gems	<	2.6.13
	ruby23-gems	<	2.6.13
	ruby24-gems	<	2.6.13

Details

VuXML ID	3f6de636-8cdb-11e7-9c71-f0def1fd7ea2
Discovery	2017-08-29
Entry	2017-08-29

Official blog of RubyGems reports:

The following vulnerabilities have been reported: a DNS request hijacking vulnerability, an ANSI escape sequence vulnerability, a DoS vulnerability in the query command, and a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files.

[source]

References

URL	https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/