Ruby – CVE-2018-3740,CVE-2018-3741 & CVE-2018-8048


There are total 2,149,836 web sites deployed Ruby On Rails framework.Ruby on Rails, or Rails, is a server-side web application framework written in Ruby under the MIT License. RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries. There are 3 items of vulnerabilities found on Ruby. Per my investigation, if hacker combining those 3 items of vulnerabilities can transform as a powerful hacking strategy. System administrator must check your environment see whether it requires for update.

Technical references shown as below:

CVE-2018-3740 –

CVE-2018-3741 –

CVE-2018-8048 –