Description
The Basic authentication code in WEBrick library in Ruby before 2.2.8,
2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to
inject terminal emulator escape sequences into its log and possibly execute
arbitrary commands via a crafted user name.
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [1.9.3.484-2ubuntu1.5])
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [2.0.0.484-1ubuntu2.10])
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 16.04 ESM: | released
(2.3.1-2~16.04.5)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-13 12:52:05 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)