Total
108 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2065 | 2 Opensuse, Ruby-lang | 2 Opensuse, Ruby | 2024-11-21 | 6.4 MEDIUM | N/A |
(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions. | |||||
CVE-2013-1948 | 2 Rob Westgeest, Ruby-lang | 2 Md2pdf, Ruby | 2024-11-21 | 10.0 HIGH | N/A |
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. | |||||
CVE-2013-1947 | 2 Kelly D. Redding, Ruby-lang | 2 Kelredd-pruview, Ruby | 2024-11-21 | 9.3 HIGH | N/A |
kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb. | |||||
CVE-2013-1933 | 2 Documentcloud, Ruby-lang | 2 Karteek-docsplit, Ruby | 2024-11-21 | 9.3 HIGH | N/A |
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a PDF filename. | |||||
CVE-2013-1911 | 2 Mark Burns, Ruby-lang | 2 Ldoce, Ruby | 2024-11-21 | 6.8 MEDIUM | N/A |
lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name. | |||||
CVE-2013-1821 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack. | |||||
CVE-2013-1655 | 3 Puppet, Puppetlabs, Ruby-lang | 4 Puppet, Puppet Enterprise, Puppet and 1 more | 2024-11-21 | 7.5 HIGH | N/A |
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes." | |||||
CVE-2013-0256 | 2 Canonical, Ruby-lang | 3 Ubuntu Linux, Rdoc, Ruby | 2024-11-21 | 4.3 MEDIUM | N/A |
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL. | |||||
CVE-2013-0233 | 3 Opensuse, Plataformatec, Ruby-lang | 3 Opensuse, Devise, Ruby | 2024-11-21 | 6.8 MEDIUM | N/A |
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts. | |||||
CVE-2013-0175 | 3 Erik Michaels-ober, Grape Project, Ruby-lang | 3 Multi Xml, Grape, Ruby | 2024-11-21 | 7.5 HIGH | N/A |
multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156. | |||||
CVE-2012-5380 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 6.0 MEDIUM | 6.7 MEDIUM |
Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation | |||||
CVE-2012-5371 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815. | |||||
CVE-2012-4522 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. | |||||
CVE-2012-4481 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 4.3 MEDIUM | N/A |
The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. | |||||
CVE-2012-4466 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005. | |||||
CVE-2012-4464 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression. | |||||
CVE-2011-4815 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 7.8 HIGH | N/A |
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | |||||
CVE-2011-4121 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism. | |||||
CVE-2011-3624 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header. | |||||
CVE-2011-3009 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. |