GHSA-6x46-7rrv-m4h8

Suggest an improvement
Source
https://github.com/advisories/GHSA-6x46-7rrv-m4h8
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-6x46-7rrv-m4h8/GHSA-6x46-7rrv-m4h8.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-6x46-7rrv-m4h8
Aliases
  • CVE-2011-0995
Published
2017-10-24T18:33:38Z
Modified
2024-11-29T05:40:17.173722Z
Summary
sqlite3-ruby uses weak permissions for unspecified files, which allows local users to gain privileges
Details

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Database specific
{
    "nvd_published_at": "2011-05-13T17:05:41Z",
    "cwe_ids": [],
    "severity": "LOW",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:20:29Z"
}
References

Affected packages

RubyGems / sqlite3-ruby

Package

Name
sqlite3-ruby
Purl
pkg:gem/sqlite3-ruby

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.4

Affected versions

0.*

0.5.0
0.6.0
0.9.0

1.*

1.0.0
1.0.1
1.1.0
1.2.0
1.2.1
1.2.2
1.2.3