Rubygem Safemode
Approved changes feed: RSS · Atom
cpe:2.3:a:red_hat,_inc.:rubygem-safemode:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Red Hat, Inc. (955c0640-1cfb-5fef-a58d-675724883b3d) |
|---|---|
| Product | Rubygem Safemode (b495cb7b-e9f3-57e7-95f5-4e9afb3286a2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-7540 |
vulnerable | 2026-06-03 14:37:32.440190 |
Details available
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.
Published: 2017-07-21T22:00:00.000Z
Updated: 2024-08-05T16:04:11.899Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.