CVE-2021-31799
Summary
| CVE | CVE-2021-31799 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-07-30 14:15:00 UTC |
|---|
| Updated | 2024-01-05 14:15:00 UTC |
|---|
| Description | In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. |
|---|
NVD Known Affected Configurations (CPE 2.3)
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159326 Oracle Enterprise Linux Security Update for ruby:2.7 (ELSA-2021-3020)
- 159635 Oracle Enterprise Linux Security Update for ruby:2.6 (ELSA-2022-0543)
- 159682 Oracle Enterprise Linux Security Update for ruby:2.5 (ELSA-2022-0672)
- 159692 Oracle Enterprise Linux Security Update for ruby:2.5 (ELSA-2022-0672-1)
- 178838 Debian Security Update for ruby2.3 (DLA 2780-1)
- 179051 Debian Security Update for ruby2.5 (DSA 5066-1)
- 180013 Debian Security Update for ruby2.7 (CVE-2021-31799)
- 198440 Ubuntu Security Notification for Ruby vulnerabilities (USN-5020-1)
- 239536 Red Hat Update for ruby:2.7 (RHSA-2021:3020)
- 239644 Red Hat Update for rh-ruby27-ruby (RHSA-2021:3559)
- 239651 Red Hat Update for rh-ruby27-ruby (RHSA-2021:3559)
- 239736 Red Hat Update for rh-ruby30-ruby (RHSA-2021:3982)
- 240090 Red Hat Update for ruby:2.6 (RHSA-2022:0544)
- 240092 Red Hat Update for ruby:2.6 (RHSA-2022:0543)
- 240108 Red Hat Update for ruby:2.5 (RHSA-2022:0672)
- 240116 Red Hat Update for rh-ruby26-ruby security (RHSA-2022:0708)
- 240156 Red Hat Update for ruby:2.6 (RHSA-2022:0582)
- 281749 Fedora Security Update for ruby (FEDORA-2021-36cdab1f8d)
- 352363 Amazon Linux Security Advisory for ruby24: ALAS-2021-1506
- 352364 Amazon Linux Security Advisory for ruby20: ALAS-2021-1505
- 356212 Amazon Linux Security Advisory for ruby : ALASRUBY2.6-2023-005
- 356221 Amazon Linux Security Advisory for ruby : ALASRUBY3.0-2023-006
- 377094 Alibaba Cloud Linux Security Update for ruby:2.7 (ALINUX3-SA-2021:0054)
- 500616 Alpine Linux Security Update for ruby
- 504376 Alpine Linux Security Update for ruby
- 670728 EulerOS Security Update for ruby (EulerOS-SA-2021-2486)
- 670835 EulerOS Security Update for ruby (EulerOS-SA-2021-2721)
- 670875 EulerOS Security Update for ruby (EulerOS-SA-2021-2696)
- 671024 EulerOS Security Update for ruby (EulerOS-SA-2021-2673)
- 671272 EulerOS Security Update for ruby (EulerOS-SA-2022-1187)
- 690153 Free Berkeley Software Distribution (FreeBSD) Security Update for rdoc (57027417-ab7f-11eb-9596-080027f515ea)
- 710822 Gentoo Linux RDoc Command Injection Vulnerability (GLSA 202401-05)
- 751413 SUSE Enterprise Linux Security Update for ruby2.5 (SUSE-SU-2021:3838-1)
- 751423 SUSE Enterprise Linux Security Update for ruby2.1 (SUSE-SU-2021:3837-1)
- 751432 OpenSUSE Security Update for ruby2.5 (openSUSE-SU-2021:3838-1)
- 751459 OpenSUSE Security Update for ruby2.5 (openSUSE-SU-2021:1535-1)
- 752103 SUSE Enterprise Linux Security Update for ruby2.5 (SUSE-SU-2022:1512-1)
- 940383 AlmaLinux Security Update for ruby:2.7 (ALSA-2021:3020)
- 940455 AlmaLinux Security Update for ruby:2.6 (ALSA-2022:0543)
- 940459 AlmaLinux Security Update for ruby:2.5 (ALSA-2022:0672)
- 960315 Rocky Linux Security Update for ruby:2.7 (RLSA-2021:3020)
- 960814 Rocky Linux Security Update for ruby:2.6 (RLSA-2022:0543)
- 960817 Rocky Linux Security Update for ruby:2.5 (RLSA-2022:0672)
