National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Ruby
There are 417 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2019-5420

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.

Published: March 27, 2019; 10:29:01 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-5419

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.

Published: March 27, 2019; 10:29:01 AM -04:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.

Published: March 27, 2019; 10:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2013-2516

Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.

Published: February 15, 2019; 04:29:00 PM -05:00
V3: 8.8 HIGH
V2: 9.3 HIGH
CVE-2018-1000997

A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation.

Published: January 23, 2019; 05:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2018-16477

A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed in version 5.2.1.1.

Published: November 30, 2018; 02:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-16476

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.

Published: November 30, 2018; 02:29:00 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-16396

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

Published: November 16, 2018; 01:29:01 PM -05:00
V3: 8.1 HIGH
V2: 6.8 MEDIUM
CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

Published: November 16, 2018; 01:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-16471

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.

Published: November 13, 2018; 06:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-16470

There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.

Published: November 13, 2018; 06:29:00 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2014-10077

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

Published: November 06, 2018; 10:29:00 AM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-16468

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Published: October 30, 2018; 05:29:00 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2014-10075

The karo gem 2.3.8 for Ruby allows Remote command injection via the host field.

Published: October 05, 2018; 02:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-3779

active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system.

Published: August 10, 2018; 05:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-10905

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.

Published: July 24, 2018; 09:29:00 AM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-14337

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

Published: July 16, 2018; 11:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-3769

ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter.

Published: July 05, 2018; 12:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-10522

rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem.

Published: July 05, 2018; 12:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-3760

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

Published: June 26, 2018; 03:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM