Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ruby | Ruby-lang | * | 1.8.6 (including) |
Ruby | Ruby-lang | 1.8.6-p110 (including) | 1.8.6-p110 (including) |
Ruby | Ruby-lang | 1.8.6-p36 (including) | 1.8.6-p36 (including) |