{"id":"CVE-2018-1000074","details":"RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in the owner command that can result in code execution. This attack appears to be exploitable when the victim runs the `gem owner` command on a gem with a specially crafted YAML file. This vulnerability appears to have been fixed in 2.7.6.","aliases":["GHSA-qj2w-mw2r-pv39"],"modified":"2026-04-10T04:03:18.150441Z","published":"2018-03-13T15:29:00.487Z","related":["MGASA-2019-0062","MGASA-2020-0243","SUSE-SU-2019:1804-1","SUSE-SU-2020:1570-1","openSUSE-SU-2019:1771-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html"},{"type":"WEB","url":"https://usn.ubuntu.com/3685-1/"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00017.html"},{"type":"WEB","url":"https://usn.ubuntu.com/3621-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3621-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4219"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3729"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3731"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0542"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0591"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4259"},{"type":"ADVISORY","url":"http://blog.rubygems.org/2018/02/15/2.7.6-released.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3730"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2028"},{"type":"ADVISO
RY","url":"https://access.redhat.com/errata/RHSA-2020:0663"},{"type":"FIX","url":"https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ruby/rubygems","events":[{"introduced":"0"},{"fixed":"254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d"}]},{"type":"GIT","repo":"https://github.com/rubygems/rubygems","events":[{"introduced":"0"},{"last_affected":"30e740c073e954474b08aa05aaa951e9bb74791c"},{"introduced":"0"},{"last_affected":"056f64c33a4f3783290b7c9c09d387213caf3c3d"},{"introduced":"0"},{"last_affected":"744e413f556ead46aabc659408a99a4c318b6549"},{"introduced":"0"},{"last_affected":"b6f3b5fac7ec01e5dcc57d6768a7e9b456feaea8"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.2.9"},{"introduced":"0"},{"last_affected":"2.3.6"},{"introduced":"0"},{"last_affected":"2.4.3"},{"introduced":"0"},{"last_affected":"2.5.0"}]}}],"versions":["bundler-v2.2.0","bundler-v2.2.0.rc.1","bundler-v2.2.0.rc.2","bundler-v2.2.1","bundler-v2.2.2","bundler-v2.2.3","bundler-v2.2.4","bundler-v2.2.5","bundler-v2.2.6","bundler-v2.2.7","bundler-v2.2.8","bundler-v2.2.9","bundler-v2.3.0","bundler-v2.3.1","bundler-v2.3.2","bundler-v2.3.3","bundler-v2.3.4","bundler-v2.3.5","bundler-v2.3.6","v1.5.0","v1.5.1","v1.5.2","v1.6.0","v1.6.1","v1.6.2","v1.7.0","v1.7.1","v1.8.0","v1.8.1","v1.8.2","v2.0.0","v2.0.0.preview2","v2.0.0.preview2.1","v2.0.0.preview2.2","v2.0.0.rc.1","v2.0.0.rc.2","v2.0.1","v2.0.2","v2.0.3","v2.1.0","v2.1.0.rc.1","v2.1.0.rc.2","v2.1.1","v2.1.2","v2.1.3","v2.2.0.preview.1","v2.2.0.rc.1","v2.2.1","v2.3.0","v2.4.0","v2.4.1","v2.4.2","v2.4.3","v2.4.4","v2.4.5","v2.4.6","v2.5.0","v2.5.1","v2.5.2","v2.6.0","v2.6.1","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.6.6","v2.7.0","v2.7.1","v2.7.2","v2.7.3","v2.7.4","v2.7.5","v3.0.0","v3.0.0.beta1","v3.0.0.beta3","v3.1.0.pre1","v3.2.0","v3.2.0.rc.1","v3.2.1","v3.2.2","v3.2.3","v3.2.4","v3.2.5","v3.2.6","v3.2.7","v3.2.8","v3.2.9","v3.3.0","v3.3
.1","v3.3.2","v3.3.3","v3.3.4","v3.3.5","v3.3.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000074.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}