CVE-2011-2686

Published: 05/08/2011 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Ruby prior to 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.

Vulnerable Product

ruby-lang ruby 1.8.7-302

ruby-lang ruby 1.8.7-249

ruby-lang ruby 1.8.7-299

ruby-lang ruby

ruby-lang ruby 1.8.7

ruby-lang ruby 1.8.7-330

ruby-lang ruby 1.8.7-160

ruby-lang ruby 1.8.7-173

ruby-lang ruby 1.8.7-p21

ruby-lang ruby 1.8.7-248

Vendor Advisories

Several security issues were fixed in ruby18 ...
Synopsis: Low: ruby security, bug fix, and enhancement update. Type/Severity: Security Advisory: Low. Topic: Updated ruby packages that fix two security issues, various bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having ...
Synopsis: Moderate: ruby security update. Type/Severity: Security Advisory: Moderate. Topic: Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Sc ...