Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | ArubaOS 10.3.x.x: 10.3.1.0 and below |