National Vulnerability Database

Search Results

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Ruby
There are 479 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2019-10780

BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.

Published: January 22, 2020; 09:15:11 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2015-2784

The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.

Published: January 21, 2020; 01:15:12 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2020-6840

In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.

Published: January 10, 2020; 10:15:11 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2020-6839

In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.

Published: January 10, 2020; 10:15:11 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2020-6838

In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.

Published: January 10, 2020; 10:15:10 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2013-4318

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious HTML in the /tmp directory.

Published: December 26, 2019; 04:15:11 PM -05:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2019-16782

There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.

Published: December 18, 2019; 03:15:16 PM -05:00
V3.1: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16779

In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.

Published: December 16, 2019; 03:15:15 PM -05:00
V3.1: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2014-0241

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable

Published: December 13, 2019; 08:15:11 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2013-4593

RubyGem omniauth-facebook has an access token security vulnerability

Published: December 11, 2019; 09:15:09 AM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2013-2095

rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.parse() to perform command injection

Published: December 10, 2019; 09:15:10 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2015-1855

verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (2) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.

Published: November 29, 2019; 04:15:10 PM -05:00
V3.1: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16255

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.

Published: November 26, 2019; 01:15:15 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-16254

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.

Published: November 26, 2019; 01:15:15 PM -05:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-16201

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network.

Published: November 26, 2019; 01:15:15 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

Published: November 26, 2019; 12:15:11 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 6.4 MEDIUM
CVE-2011-4121

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt the integrity of services that depend on a strong private RSA key generation mechanism.

Published: November 26, 2019; 12:15:13 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2011-3624

Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.

Published: November 25, 2019; 10:15:10 PM -05:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2014-0084

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.

Published: November 21, 2019; 10:15:11 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2014-0083

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

Published: November 21, 2019; 09:15:13 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 2.1 LOW