CVE-2021-31799

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
debiandebian_linux
9.0
debiandebian_linux
10.0
ruby-langrdoc
3.11 ≤
𝑥
< 6.3.1
oraclejd_edwards_enterpriseone_tools
𝑥
< 9.2.6.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ruby2.7
bullseye
2.7.4-1+deb11u1
fixed
bullseye (security)
2.7.4-1+deb11u2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ruby1.9.1
bionic
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
trusty
dne
xenial
dne
ruby2.0
bionic
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
trusty
dne
xenial
dne
ruby2.3
bionic
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
trusty
dne
xenial
Fixed 2.3.1-2~ubuntu16.04.16+esm1
released
ruby2.5
bionic
Fixed 2.5.1-1ubuntu1.10
released
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
trusty
dne
xenial
dne
ruby2.7
bionic
dne
focal
Fixed 2.7.0-5ubuntu1.5
released
groovy
Fixed 2.7.1-3ubuntu1.4
released
hirsute
Fixed 2.7.2-4ubuntu1.2
released
impish
Fixed 2.7.4-1ubuntu1
released
trusty
dne
xenial
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libruby2_1-2_1
suse enterprise sap 12 SP3
2.1.9-19.6.1
fixed
suse enterprise sap 12 SP4
2.1.9-19.6.1
fixed
suse enterprise sap 12 SP5
2.1.9-19.6.1
fixed
suse enterprise server 12 SP2
2.1.9-19.6.1
fixed
suse enterprise server 12 SP3
2.1.9-19.6.1
fixed
suse enterprise server 12 SP4
2.1.9-19.6.1
fixed
suse enterprise server 12 SP5
2.1.9-19.6.1
fixed
libruby2_5-2_5
suse enterprise desktop 15 SP2
2.5.9-4.20.1
fixed
suse enterprise desktop 15 SP3
2.5.9-150000.4.23.1
fixed
suse enterprise desktop 15 SP4
2.5.9-4.20.1
fixed
suse enterprise desktop 15 SP5
2.5.9-4.20.1
fixed
suse enterprise desktop 15 SP6
2.5.9-4.20.1
fixed
suse enterprise desktop 15 SP7
2.5.9-150700.22.16
fixed
suse enterprise sap 15
2.5.9-150000.4.23.1
fixed
suse enterprise sap 15 SP1
2.5.9-150000.4.23.1
fixed
suse enterprise sap 15 SP2
2.5.9-150000.4.23.1
fixed
suse enterprise sap 15 SP3
2.5.9-150000.4.23.1
fixed
suse enterprise sap 15 SP4
2.5.9-4.20.1
fixed
suse enterprise sap 15 SP5
2.5.9-4.20.1
fixed
suse enterprise sap 15 SP6
2.5.9-4.20.1
fixed
suse enterprise sap 15 SP7
2.5.9-150700.22.16
fixed
suse enterprise server 15
2.5.9-150000.4.23.1
fixed
suse enterprise server 15 SP1
2.5.9-150000.4.23.1
fixed
suse enterprise server 15 SP2
2.5.9-150000.4.23.1
fixed
suse enterprise server 15 SP3
2.5.9-150000.4.23.1
fixed
suse enterprise server 15 SP4
2.5.9-4.20.1
fixed
suse enterprise server 15 SP5
2.5.9-4.20.1
fixed
suse enterprise server 15 SP6
2.5.9-4.20.1
fixed
suse enterprise server 15 SP7
2.5.9-150700.22.16
fixed
libruby3_4-3_4
suse enterprise desktop 15 SP7
3.4.1-150700.1.11
fixed
suse enterprise sap 15 SP7
3.4.1-150700.1.11
fixed
suse enterprise server 15 SP7
3.4.1-150700.1.11
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
ruby
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-debuginfo
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-devel
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-doc
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-irb
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-libs
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby-tcltk
Amazon Linux 2
0:2.0.0.648-36.amzn2.0.2
fixed
ruby20
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby20-debuginfo
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby20-devel
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby20-doc
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby20-irb
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby20-libs
Amazon Linux 1
0:2.0.0.648-2.40.amzn1
fixed
ruby24
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
ruby24-debuginfo
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
ruby24-devel
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
ruby24-doc
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
ruby24-irb
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
ruby24-libs
Amazon Linux 1
0:2.4.10-2.15.amzn1
fixed
rubygem-bigdecimal
Amazon Linux 2
0:1.2.0-36.amzn2.0.2
fixed
rubygem-io-console
Amazon Linux 2
0:0.4.2-36.amzn2.0.2
fixed
rubygem-json
Amazon Linux 2
0:1.7.7-36.amzn2.0.2
fixed
rubygem-minitest
Amazon Linux 2
0:4.3.2-36.amzn2.0.2
fixed
rubygem-psych
Amazon Linux 2
0:2.0.0-36.amzn2.0.2
fixed
rubygem-rake
Amazon Linux 2
0:0.9.6-36.amzn2.0.2
fixed
rubygem-rdoc
Amazon Linux 2
0:4.0.0-36.amzn2.0.2
fixed
rubygem20-bigdecimal
Amazon Linux 1
0:1.2.0-2.40.amzn1
fixed
rubygem20-io-console
Amazon Linux 1
0:0.4.2-2.40.amzn1
fixed
rubygem20-psych
Amazon Linux 1
0:2.0.0-2.40.amzn1
fixed
rubygem24-bigdecimal
Amazon Linux 1
0:1.3.2-2.15.amzn1
fixed
rubygem24-did_you_mean
Amazon Linux 1
0:1.1.0-2.15.amzn1
fixed
rubygem24-io-console
Amazon Linux 1
0:0.4.6-2.15.amzn1
fixed
rubygem24-json
Amazon Linux 1
0:2.0.4-2.15.amzn1
fixed
rubygem24-minitest5
Amazon Linux 1
0:5.10.1-2.15.amzn1
fixed
rubygem24-net-telnet
Amazon Linux 1
0:0.1.1-2.15.amzn1
fixed
rubygem24-power_assert
Amazon Linux 1
0:0.4.1-2.15.amzn1
fixed
rubygem24-psych
Amazon Linux 1
0:2.2.2-2.15.amzn1
fixed
rubygem24-rdoc
Amazon Linux 1
0:5.0.1-2.15.amzn1
fixed
rubygem24-test-unit
Amazon Linux 1
0:3.2.3-2.15.amzn1
fixed
rubygem24-xmlrpc
Amazon Linux 1
0:0.2.1-2.15.amzn1
fixed
rubygems
Amazon Linux 2
0:2.0.14.1-36.amzn2.0.2
fixed
rubygems-devel
Amazon Linux 2
0:2.0.14.1-36.amzn2.0.2
fixed
rubygems20
Amazon Linux 1
0:2.0.14.1-2.40.amzn1
fixed
rubygems20-devel
Amazon Linux 1
0:2.0.14.1-2.40.amzn1
fixed
rubygems24
Amazon Linux 1
0:2.6.14.4-2.15.amzn1
fixed
rubygems24-devel
Amazon Linux 1
0:2.6.14.4-2.15.amzn1
fixed