cpe:/a:rubygems:rubygems:2.0.0 cpe:/a:rubygems:rubygems:2.0.0:preview2 cpe:/a:rubygems:rubygems:2.0.0:preview2.1 cpe:/a:rubygems:rubygems:2.0.0:preview2.2 cpe:/a:rubygems:rubygems:2.0.0:rc1 cpe:/a:rubygems:rubygems:2.0.0:rc2 cpe:/a:rubygems:rubygems:2.0.1 cpe:/a:rubygems:rubygems:2.0.2 cpe:/a:rubygems:rubygems:2.0.3 cpe:/a:rubygems:rubygems:2.0.4 cpe:/a:rubygems:rubygems:2.0.5 cpe:/a:rubygems:rubygems:2.0.6 cpe:/a:rubygems:rubygems:2.0.7 cpe:/a:rubygems:rubygems:2.0.8 cpe:/a:rubygems:rubygems:2.0.9 cpe:/a:rubygems:rubygems:2.0.10 cpe:/a:rubygems:rubygems:2.0.11 cpe:/a:rubygems:rubygems:2.0.12 cpe:/a:rubygems:rubygems:2.0.13 cpe:/a:rubygems:rubygems:2.0.14 cpe:/a:rubygems:rubygems:2.0.15 cpe:/a:rubygems:rubygems:2.0.16 cpe:/a:rubygems:rubygems:2.0.17 cpe:/a:rubygems:rubygems:2.1.0 cpe:/a:rubygems:rubygems:2.1.0.rc.1 cpe:/a:rubygems:rubygems:2.1.0.rc.2 cpe:/a:rubygems:rubygems:2.1.1 cpe:/a:rubygems:rubygems:2.1.2 cpe:/a:rubygems:rubygems:2.1.3 cpe:/a:rubygems:rubygems:2.1.4 cpe:/a:rubygems:rubygems:2.1.5 cpe:/a:rubygems:rubygems:2.1.6 cpe:/a:rubygems:rubygems:2.1.7 cpe:/a:rubygems:rubygems:2.1.8 cpe:/a:rubygems:rubygems:2.1.9 cpe:/a:rubygems:rubygems:2.1.10 cpe:/a:rubygems:rubygems:2.1.11 cpe:/a:rubygems:rubygems:2.2.0 cpe:/a:rubygems:rubygems:2.2.0.preiew.1 cpe:/a:rubygems:rubygems:2.2.0.rc.1 cpe:/a:rubygems:rubygems:2.2.1 cpe:/a:rubygems:rubygems:2.2.2 cpe:/a:rubygems:rubygems:2.2.3 cpe:/a:rubygems:rubygems:2.2.4 cpe:/a:rubygems:rubygems:2.2.5 cpe:/a:rubygems:rubygems:2.3.0 cpe:/a:rubygems:rubygems:2.4.0 cpe:/a:rubygems:rubygems:2.4.1 cpe:/a:rubygems:rubygems:2.4.2 cpe:/a:rubygems:rubygems:2.4.3 cpe:/a:rubygems:rubygems:2.4.4 cpe:/a:rubygems:rubygems:2.4.5 cpe:/a:rubygems:rubygems:2.4.6 cpe:/a:rubygems:rubygems:2.4.7 cpe:/a:rubygems:rubygems:2.4.8 cpe:/a:rubygems:rubygems:2.5.0 cpe:/a:rubygems:rubygems:2.5.1 cpe:/a:rubygems:rubygems:2.5.2 cpe:/a:rubygems:rubygems:2.6.0 cpe:/a:rubygems:rubygems:2.6.1 cpe:/a:rubygems:rubygems:2.6.2 cpe:/a:rubygems:rubygems:2.6.3 cpe:/a:rubygems:rubygems:2.6.4 cpe:/a:rubygems:rubygems:2.6.5 cpe:/a:rubygems:rubygems:2.6.6 cpe:/a:rubygems:rubygems:2.6.7 cpe:/a:rubygems:rubygems:2.6.8 cpe:/a:rubygems:rubygems:2.6.9 cpe:/a:rubygems:rubygems:2.6.10 cpe:/a:rubygems:rubygems:2.6.11 cpe:/a:rubygems:rubygems:2.6.12 cpe:/a:rubygems:rubygems:2.6.13 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:17.10 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_server_aus:7.4 cpe:/o:redhat:enterprise_linux_server_aus:7.6 cpe:/o:redhat:enterprise_linux_server_eus:7.4 cpe:/o:redhat:enterprise_linux_server_eus:7.5 cpe:/o:redhat:enterprise_linux_server_eus:7.6 cpe:/o:redhat:enterprise_linux_server_tus:7.4 cpe:/o:redhat:enterprise_linux_server_tus:7.6 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2017-0903 2017-10-11T14:29:00.583-04:00 2019-10-09T19:21:10.290-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 101275 DEBIAN DSA-4031 REDHAT RHSA-2017:3485 REDHAT RHSA-2018:0378 REDHAT RHSA-2018:0583 REDHAT RHSA-2018:0585 UBUNTU USN-3553-1 UBUNTU USN-3685-1 MLIST [debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update MISC http://blog.rubygems.org/2017/10/09/2.6.14-released.html MISC http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html MISC https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49 MISC https://hackerone.com/reports/274990 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.