CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17383

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/dspinhirne/netaddr-rb/commit/3aac46c00a36e71905eaa619cb94d45bff6e3b51
https://rubygems.org/gems/netaddr/versions
https://github.com/dspinhirne/netaddr-rb/commit/3aac46c00a36e71905eaa619cb94d45bff6e3b51
https://rubygems.org/gems/netaddr/versions

Products affected by CVE-2019-17383

Netaddr Project » Netaddr » Version: 1.5.0

cpe:2.3:a:netaddr_project:netaddr:1.5.0
Netaddr Project » Netaddr » Version: 1.5.1

cpe:2.3:a:netaddr_project:netaddr:1.5.1
Netaddr Project » Netaddr » Version: 2.0

cpe:2.3:a:netaddr_project:netaddr:2.0
Netaddr Project » Netaddr » Version: 2.0.1

cpe:2.3:a:netaddr_project:netaddr:2.0.1
Netaddr Project » Netaddr » Version: 2.0.2

cpe:2.3:a:netaddr_project:netaddr:2.0.2
Netaddr Project » Netaddr » Version: 2.0.3

cpe:2.3:a:netaddr_project:netaddr:2.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17383

Products

Pricing

Contact Us