|Description||In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
|ruby2.5 (PTS)||buster, buster (security)||2.5.5-3+deb10u4||fixed|
|ruby2.7 (PTS)||bullseye (security), bullseye||2.7.4-1+deb11u1||fixed|
The information below is based on the following data on fixed versions.
Introduced in (rdoc): https://github.com/ruby/rdoc/commit/4a8b7bed7cd5647db92c620bc6f33e4c309d2212 (v3.11)
Fixed in (rdoc): https://github.com/ruby/rdoc/commit/a7f5d6ab88632b3b482fe10611382ff73d14eed7 (v6.3.1)