RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2017-08-27T00:00:00
Updated: 2018-07-14T09:57:01
Reserved: 2016-11-30T00:00:00
Link: CVE-2017-0899
JSON object: View
NVD Information
Status : Modified
Published: 2017-08-31T20:29:00.417
Modified: 2019-10-09T23:21:09.713
Link: CVE-2017-0899
JSON object: View
Redhat Information
No data.