CVE-2024-27281
Description
An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1.
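The root cause described above is deserialising a configuration file with a YAML loader that restores whatever class the document names. As an added example (not RDoc's code and not the fix from the referenced commits), the Ruby snippet below shows the allowlist form of loading that closes this bug class, and goes a little beyond the description by also refusing unlisted symbols and YAML aliases; the `DocOptions` class, the `SomeUnrelatedClass` tag and both sample files are constructed for the example.

```ruby
require "yaml"

# Stand-in for the options object a tool serialises to its config file.
# Constructed for this example; it is not RDoc::Options.
class DocOptions
  attr_accessor :title, :main_page, :visibility
end

# Allowlist of classes that may be restored from the file. Any other
# !ruby/object tag makes Psych raise Psych::DisallowedClass.
PERMITTED_CLASSES = [DocOptions, Symbol].freeze

# Hardened loader: safe_load with an explicit allowlist instead of
# restoring whatever class the document names, and no aliases.
def load_doc_options(yaml_text)
  YAML.safe_load(yaml_text,
                 permitted_classes: PERMITTED_CLASSES,
                 permitted_symbols: %i[public protected private],
                 aliases: false)
end

# Classifies a config file so a CI check over checked-in files can
# flag anything the hardened loader would refuse.
def classify_doc_options(yaml_text)
  load_doc_options(yaml_text)
  :ok
rescue Psych::DisallowedClass
  :disallowed_class
rescue Psych::BadAlias
  :alias
rescue Psych::SyntaxError
  :syntax
end

# Constructed sample: the shape of a legitimately generated options file.
GOOD_OPTIONS = <<~YAML
  --- !ruby/object:DocOptions
  title: Example project docs
  main_page: README.rdoc
  visibility: :protected
YAML

# Constructed sample: same file, but tagged with a class outside the
# allowlist (hypothetical name). Restoring it is refused, not attempted.
UNEXPECTED_CLASS = <<~YAML
  --- !ruby/object:SomeUnrelatedClass
  title: Example project docs
YAML
```

`classify_doc_options(GOOD_OPTIONS)` returns `:ok` and yields a populated `DocOptions`, while `classify_doc_options(UNEXPECTED_CLASS)` returns `:disallowed_class` before any object of the named class is created.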
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| rdoc (RubyGems) | >= 6.3.3, < 6.3.4.1 | 6.3.4.1 |
| rdoc (RubyGems) | >= 6.4.0, < 6.4.1.1 | 6.4.1.1 |
| rdoc (RubyGems) | >= 6.5.0, < 6.5.1.1 | 6.5.1.1 |
| rdoc (RubyGems) | >= 6.6.0, < 6.6.3.1 | 6.6.3.1 |
Affected products
References
- github.com/advisories/GHSA-592j-995h-p23j
- nvd.nist.gov/vuln/detail/CVE-2024-27281
- github.com/ruby/rdoc/commit/1254b0066f312ddbf7fae7a195e66ce5b3bc6656
- github.com/ruby/rdoc/commit/32ff6ba0bebd8ea26f569da5fd23be2937f6a644
- github.com/ruby/rdoc/commit/48617985e9fbc2825219d55f04e3e0e98d2923be
- github.com/ruby/rdoc/commit/811f125a4a0cc968e3eb18e16ea6c1a3b49a11bf
- github.com/ruby/rdoc/commit/a5de13bf0f0c26f8e764e82b5bf4bf8bffc7198e
- github.com/ruby/rdoc/commit/d22ba930f1f611dda531dba04cd3d2531bb3f8a5
- github.com/ruby/rdoc/commit/da7a0c7553ef7250ca665a3fecdc01dbaacbb43d
- github.com/ruby/rdoc/commit/e4a0e71e6f1032f8b4e5e58b4ef60d702c22ce17
- github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2024-27281.yml
- hackerone.com/reports/1187477
- lists.debian.org/debian-lts-announce/2024/09/msg00000.html
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF/
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XYDHPHEZI7OQXTQKTDZHGZNPIJH7ZV5N/
- www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/