Mageia: 2019-0062 Moderate: Jruby Critical Security Advisory
mageia
February 13, 2019
Several vulnerabilities were discovered in jruby
Summary
Several vulnerabilities were discovered in jruby. They would allow an
attacker to use specially crafted gem files to mount cross-site scripting
attacks, cause denial of service through an infinite loop, write arbitrary
files, or run malicious code (CVE-2018-1000073, CVE-2018-1000074,
CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078,
CVE-2018-1000079).
References
- https://bugs.mageia.org/show_bug.cgi?id=23158
- https://lists.debian.org/debian-security-announce/2018/msg00148.html
- https://www.cve.org/CVERecord?id=CVE-2018-1000073
- https://www.cve.org/CVERecord?id=CVE-2018-1000074
- https://www.cve.org/CVERecord?id=CVE-2018-1000075
- https://www.cve.org/CVERecord?id=CVE-2018-1000076
- https://www.cve.org/CVERecord?id=CVE-2018-1000077
- https://www.cve.org/CVERecord?id=CVE-2018-1000078
- https://www.cve.org/CVERecord?id=CVE-2018-1000079
Topics Covered
Resolution
SRPMS
- 6/core/jruby-1.7.22-5.1.mga6
PREVIOUS
NEXT
Publication date: 13 Feb 2019
URL: https://advisories.mageia.org/MGASA-2019-0062.html
Type: security
CVE: CVE-2018-1000073,
CVE-2018-1000074,
CVE-2018-1000075,
CVE-2018-1000076,
CVE-2018-1000077,
CVE-2018-1000078,
CVE-2018-1000079
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!