Filtered by vendor Ruby-lang
Subscriptions
Filtered by product Ruby
Subscriptions
Total
108 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-28756 | 4 Debian, Fedoraproject, Redhat and 1 more | 6 Debian Linux, Fedora, Enterprise Linux and 3 more | 2024-11-21 | 5.3 Medium |
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. | ||||
CVE-2023-22795 | 4 Debian, Redhat, Ruby-lang and 1 more | 4 Debian Linux, Satellite, Ruby and 1 more | 2024-11-21 | 7.5 High |
A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. | ||||
CVE-2022-28739 | 4 Apple, Debian, Redhat and 1 more | 5 Macos, Debian Linux, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | ||||
CVE-2022-28738 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Rhel Software Collections, Ruby | 2024-11-21 | 9.8 Critical |
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | ||||
CVE-2021-41819 | 6 Debian, Fedoraproject, Opensuse and 3 more | 12 Debian Linux, Fedora, Factory and 9 more | 2024-11-21 | 7.5 High |
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | ||||
CVE-2021-41817 | 6 Debian, Fedoraproject, Opensuse and 3 more | 12 Debian Linux, Fedora, Factory and 9 more | 2024-11-21 | 7.5 High |
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. | ||||
CVE-2021-41816 | 3 Fedoraproject, Redhat, Ruby-lang | 4 Fedora, Rhel Software Collections, Cgi and 1 more | 2024-11-21 | 9.8 Critical |
CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby. | ||||
CVE-2021-33621 | 3 Fedoraproject, Redhat, Ruby-lang | 6 Fedora, Enterprise Linux, Rhel Eus and 3 more | 2024-11-21 | 8.8 High |
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | ||||
CVE-2021-32066 | 3 Oracle, Redhat, Ruby-lang | 6 Jd Edwards Enterpriseone Tools, Enterprise Linux, Rhel E4s and 3 more | 2024-11-21 | 7.4 High |
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | ||||
CVE-2021-31810 | 5 Debian, Fedoraproject, Oracle and 2 more | 8 Debian Linux, Fedora, Jd Edwards Enterpriseone Tools and 5 more | 2024-11-21 | 5.8 Medium |
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | ||||
CVE-2021-31799 | 4 Debian, Oracle, Redhat and 1 more | 8 Debian Linux, Jd Edwards Enterpriseone Tools, Enterprise Linux and 5 more | 2024-11-21 | 7 High |
In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. | ||||
CVE-2021-28966 | 2 Microsoft, Ruby-lang | 2 Windows, Ruby | 2024-11-21 | 7.5 High |
In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir. | ||||
CVE-2021-28965 | 3 Fedoraproject, Redhat, Ruby-lang | 7 Fedora, Enterprise Linux, Rhel E4s and 4 more | 2024-11-21 | 7.5 High |
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | ||||
CVE-2020-5247 | 4 Debian, Fedoraproject, Puma and 1 more | 4 Debian Linux, Fedora, Puma and 1 more | 2024-11-21 | 6.5 Medium |
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters. | ||||
CVE-2020-25613 | 3 Fedoraproject, Redhat, Ruby-lang | 7 Fedora, Enterprise Linux, Rhel E4s and 4 more | 2024-11-21 | 7.5 High |
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | ||||
CVE-2020-10933 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2024-11-21 | 5.3 Medium |
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. | ||||
CVE-2020-10663 | 7 Apple, Debian, Fedoraproject and 4 more | 10 Macos, Debian Linux, Fedora and 7 more | 2024-11-21 | 7.5 High |
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. | ||||
CVE-2019-16255 | 5 Debian, Opensuse, Oracle and 2 more | 8 Debian Linux, Leap, Graalvm and 5 more | 2024-11-21 | 8.1 High |
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method. | ||||
CVE-2019-16254 | 3 Debian, Redhat, Ruby-lang | 6 Debian Linux, Enterprise Linux, Rhel E4s and 3 more | 2024-11-21 | 5.3 Medium |
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF. | ||||
CVE-2019-16201 | 3 Debian, Redhat, Ruby-lang | 6 Debian Linux, Enterprise Linux, Rhel E4s and 3 more | 2024-11-21 | 7.5 High |
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network. |