CVE-2018-1000077 | Ruby up to 2.2.9/2.3.6/2.4.3/2.5.0 RubyGems URL input validation (RHSA-2018:3729

A vulnerability was found in Ruby up to 2.2.9/2.3.6/2.4.3/2.5.0. It has been classified as critical. Affected is an unknown function of the component RubyGems. The manipulation leads to improper input validation (URL).

This vulnerability is traded as CVE-2018-1000077. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

Source link