CVE-2022-31163: Arbitrary file execution through TZinfo (Ruby)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Date and Time Processing

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • TZinfo

    TZInfo - Ruby Timezone Library

    • For everyone who is panicking about this - to be affected, you either need to use a really old version of tzinfo (0.3.60 and earlier), have the tzinfo-data gem installed, or explicitly set TZInfo::DataSource to DataSources::RubyDataSource.

    Otherwise, by default, tzinfo will use TZInfo::ZoneinfoDataSource, which does not seem to be affected.

    https://github.com/tzinfo/tzinfo/blob/d9b289e1be30d29a2cb23b...

    https://github.com/tzinfo/tzinfo/commit/b98c32efd61289fe6f00...

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts