Description
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2015-4921 Vulnerability (CVE-2015-4921)
IBM WebSEAL Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-1803)
WordPress Plugin iframe Cross-Site Scripting (4.4)
MySQL CVE-2019-2819 Vulnerability (CVE-2019-2819)
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)