VYPR
Critical severityNVD Advisory· Published Oct 9, 2019· Updated Aug 5, 2024

CVE-2019-17383

CVE-2019-17383

Description

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
netaddrRubyGems
>= 2.0.0, < 2.0.42.0.4
netaddrRubyGems
< 1.5.31.5.3

Affected products

2
  • Ruby/netaddr gemdescription
  • ghsa-coords
    Range: >= 2.0.0, < 2.0.4

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.