National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Ruby
There are 436 matching records.
Displaying matches 361 through 380.
Vuln ID Summary CVSS Severity
CVE-2011-2929

The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which allows remote attackers to render arbitrary views via a crafted URL, related to a "filter skipping vulnerability."

Published: August 29, 2011; 02:55:01 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-3009

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.

Published: August 05, 2011; 06:55:01 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2705

The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID.

Published: August 05, 2011; 05:55:04 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2686

Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.

Published: August 05, 2011; 05:55:04 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2197

The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a problematic string method, as demonstrated by the sub method.

Published: June 30, 2011; 11:55:01 AM -04:00
    V2: 4.3 MEDIUM
CVE-2011-0995

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Published: May 13, 2011; 01:05:41 PM -04:00
    V2: 2.1 LOW
CVE-2011-1440

Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

Published: May 03, 2011; 06:55:01 PM -04:00
    V2: 7.5 HIGH
CVE-2011-0188

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue."

Published: March 22, 2011; 10:00:06 PM -04:00
    V2: 6.8 MEDIUM
CVE-2011-1005

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.

Published: March 02, 2011; 03:00:01 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1004

The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.

Published: March 02, 2011; 03:00:01 PM -05:00
    V2: 6.3 MEDIUM
CVE-2011-0449

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

Published: February 21, 2011; 01:00:01 PM -05:00
    V2: 7.5 HIGH
CVE-2011-0448

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.

Published: February 21, 2011; 01:00:01 PM -05:00
    V2: 7.5 HIGH
CVE-2011-0447

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage "combinations of browser plugins and HTTP redirects," a related issue to CVE-2011-0696.

Published: February 14, 2011; 04:00:03 PM -05:00
    V2: 6.8 MEDIUM
CVE-2011-0446

Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.

Published: February 14, 2011; 04:00:03 PM -05:00
    V2: 4.3 MEDIUM
CVE-2011-0739

The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.

Published: February 01, 2011; 08:00:07 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-3928

Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an "escape sequence injection vulnerability." NOTE: some of these details are obtained from third party information.

Published: January 20, 2011; 02:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-3933

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs.

Published: October 27, 2010; 08:00:05 PM -04:00
    V2: 6.4 MEDIUM
CVE-2010-3119

Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby language, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: August 24, 2010; 04:00:02 PM -04:00
    V2: 10.0 HIGH
CVE-2010-2489

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.

Published: July 12, 2010; 09:27:27 AM -04:00
    V2: 7.2 HIGH
CVE-2010-0541

Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.

Published: June 17, 2010; 12:30:01 PM -04:00
    V2: 4.3 MEDIUM