Vulnerabilities (CVE)

Filtered by vendor Ruby-lang Subscribe
Filtered by product Rdoc
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31799 3 Debian, Oracle, Ruby-lang 4 Debian Linux, Jd Edwards Enterpriseone Tools, Rdoc and 1 more 2024-11-21 4.4 MEDIUM 7.0 HIGH
In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.
CVE-2013-0256 2 Canonical, Ruby-lang 3 Ubuntu Linux, Rdoc, Ruby 2024-11-21 4.3 MEDIUM N/A
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.