Filtered by vendor Ruby-lang Subscriptions
Total 119 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1821 2 Redhat, Ruby-lang 5 Enterprise Linux, Fuse Esb Enterprise, Jboss Enterprise Soa Platform and 2 more 2024-08-06 N/A
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
CVE-2013-1655 3 Puppet, Puppetlabs, Ruby-lang 4 Puppet, Puppet Enterprise, Puppet and 1 more 2024-08-06 N/A
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."
CVE-2013-0256 5 Canonical, Cloudforms Cloudengine, Redhat and 2 more 6 Ubuntu Linux, 1, Openshift and 3 more 2024-08-06 N/A
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
CVE-2013-0175 3 Erik Michaels-ober, Grape Project, Ruby-lang 3 Multi Xml, Grape, Ruby 2024-08-06 N/A
multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.
CVE-2014-8080 4 Canonical, Opensuse, Redhat and 1 more 5 Ubuntu Linux, Opensuse, Enterprise Linux and 2 more 2024-08-06 N/A
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.
CVE-2014-8090 2 Redhat, Ruby-lang 3 Enterprise Linux, Rhel Software Collections, Ruby 2024-08-06 N/A
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.
CVE-2014-6438 1 Ruby-lang 1 Ruby 2024-08-06 N/A
The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.
CVE-2014-4975 4 Canonical, Debian, Redhat and 1 more 9 Ubuntu Linux, Debian Linux, Enterprise Linux and 6 more 2024-08-06 N/A
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
CVE-2014-2734 1 Ruby-lang 1 Ruby 2024-08-06 N/A
The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations. NOTE: this issue has been disputed by the Ruby OpenSSL team and third parties, who state that the original demonstration PoC contains errors and redundant or unnecessarily-complex code that does not appear to be related to a demonstration of the issue. As of 20140502, CVE is not aware of any public comment by the original researcher
CVE-2015-9096 1 Ruby-lang 1 Ruby 2024-08-06 N/A
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
CVE-2015-7551 3 Apple, Redhat, Ruby-lang 3 Mac Os X, Rhel Software Collections, Ruby 2024-08-06 N/A
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.
CVE-2015-3900 4 Oracle, Redhat, Ruby-lang and 1 more 5 Solaris, Enterprise Linux, Rhel Software Collections and 2 more 2024-08-06 N/A
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
CVE-2015-1855 3 Debian, Puppet, Ruby-lang 5 Debian Linux, Puppet Agent, Puppet Enterprise and 2 more 2024-08-06 5.9 Medium
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
CVE-2016-7798 2 Debian, Ruby-lang 2 Debian Linux, Openssl 2024-08-06 7.5 High
The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.
CVE-2016-2337 1 Ruby-lang 1 Ruby 2024-08-05 N/A
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
CVE-2016-2338 2 Debian, Ruby-lang 2 Debian Linux, Ruby 2024-08-05 9.8 Critical
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
CVE-2016-2339 1 Ruby-lang 1 Ruby 2024-08-05 N/A
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
CVE-2016-2336 1 Ruby-lang 1 Ruby 2024-08-05 N/A
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
CVE-2017-17790 2 Redhat, Ruby-lang 3 Enterprise Linux, Rhel Software Collections, Ruby 2024-08-05 N/A
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
CVE-2017-17742 3 Debian, Redhat, Ruby-lang 8 Debian Linux, Enterprise Linux, Rhel Aus and 5 more 2024-08-05 N/A
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.