Vulnerability Name: CVE-2021-31799 (CCN-206487)

Assigned: 2021-05-02
Published: 2021-05-02
Updated: 2022-06-28
Summary: In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.
CVSS v3 Severity: 7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
7.0 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-78
CWE-77
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2021-31799

Source: XF
Type: UNKNOWN
rubygem-cve202131799-cmd-exec(206487)

Source: MLIST
Type: Third Party Advisory
[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update

Source: MISC
Type: Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2021-31799

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210902-0004/

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html

Source: CCN
Type: Ruby Web site
CVE-2021-31799: A command injection vulnerability in RDoc

Source: MISC
Type: Patch, Vendor Advisory
https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-31799

Vulnerable Configuration:

Configuration 1:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:ruby-lang:rdoc:*:*:*:*:*:ruby:*:* (Version >= 3.11 and < 6.3.1)
  • AND
  • cpe:/a:ruby-lang:ruby:*:*:*:*:*:*:*:* (Version <= 3.0.1)

Configuration 3:
  • cpe:/a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* (Version < 9.2.6.1)

Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:ruby-lang:rdoc:3.11:*:*:*:*:ruby:*:*
  • OR cpe:/a:ruby-lang:rdoc:6.3.0:*:*:*:*:ruby:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:7660 | P | libruby2_5-2_5-2.5.9-150000.4.26.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:51988 | P | Security update for python-py (Moderate) | 2023-01-26
oval:org.opensuse.security:def:3070 | P | freeradius-server-3.0.19-1.48 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3532 | P | java-1_7_0-openjdk-1.7.0.231-43.27.2 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3715 | P | libzypp-16.20.0-2.39.4 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:94644 | P | libinput-devel-1.19.4-150400.1.8 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94700 | P | libruby2_5-2_5-2.5.9-150000.4.23.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94018 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:119196 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:94439 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:93132 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:118699 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:93450 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:119386 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:93804 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:118889 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:94230 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:42180 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:119571 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:93292 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:878 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:467 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:119086 | P | Security update for ruby2.5 (Important) | 2022-05-03
oval:org.opensuse.security:def:93604 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:101624 | P | Security update for ruby2.5 (Important) (in QA) | 2022-04-21
oval:org.opensuse.security:def:99766 | P | (Moderate) | 2022-03-24
oval:com.redhat.rhsa:def:20220672 | P | RHSA-2022:0672: ruby:2.5 security update (Moderate) | 2022-02-24
oval:com.redhat.rhsa:def:20220543 | P | RHSA-2022:0543: ruby:2.6 security update (Important) | 2022-02-16
oval:org.opensuse.security:def:112818 | P | libruby3_0-3_0-3.0.2-1.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:112815 | P | libruby2_7-2_7-2.7.4-1.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:100077 | P | (Moderate) | 2022-01-11
oval:org.opensuse.security:def:99173 | P | (Moderate) | 2021-12-16
oval:org.opensuse.security:def:111147 | P | Security update for ruby2.5 (Important) | 2021-12-06
oval:org.opensuse.security:def:32229 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:60422 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:99368 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:24000 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:56098 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:87515 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93430 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:106058 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:73926 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:83362 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:9062 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:92223 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:100020 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:34599 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:67332 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:101357 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:30275 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:58874 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:89482 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93774 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:108023 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:85777 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:10177 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:126800 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:6243 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:70317 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:99162 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:33051 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:64621 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:99567 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:94200 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:26173 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:57136 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:88224 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:106257 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:76060 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:83482 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:42142 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:9423 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:92418 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:100356 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:69563 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:102164 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:31313 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:59569 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:98978 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:108830 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:55276 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:86175 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93272 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:105668 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:10368 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:95451 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:814 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:127197 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:8676 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:70508 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:99434 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:33746 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:64804 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:29453 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:57534 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:88541 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93586 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:106456 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:76400 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:84243 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:111804 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:9618 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:92617 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:100685 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:69758 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:5160 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:31711 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:59827 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93988 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:23715 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:55978 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:86693 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:105863 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:73743 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:82660 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:8867 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:92028 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:99697 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:34004 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:66992 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:94411 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:30155 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:58052 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:89224 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:106743 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:51703 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:84701 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:93112 | P | (Important) | 2021-12-01
oval:org.opensuse.security:def:9817 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:92816 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:101545 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:125633 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:5903 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:69957 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:org.opensuse.security:def:117537 | P | Security update for ruby2.5 (Important) | 2021-12-01
oval:com.redhat.rhsa:def:20213020 | P | RHSA-2021:3020: ruby:2.7 security update (Important) | 2021-08-05
    debian debian linux 9.0
    debian debian linux 10.0
    ruby-lang rdoc *
    ruby-lang ruby *
    oracle jd edwards enterpriseone tools *
    ruby-lang rdoc 3.11
    ruby-lang rdoc 6.3.0