Lucene search
+L

185 matches found

osv
osv
added 2026/07/06 5:55 a.m.3 views

BIT-MASTODON-2026-47389 Mastodon: SSRF protection bypass on older Ruby versions

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS6AI score0.00232EPSS
Exploits0References2
cgr
cgr
added 2026/06/26 8:23 p.m.10 views

GHSA-35W3-PJM6-WJ95 vulnerabilities

Vulnerabilities for packages: ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.2-fluentd-kubernetes-daemonset...

6.1AI score
Exploits0
cve
cve
added 2026/06/24 7:41 p.m.9 views

CVE-2026-47389

Mastodon vulnerability CVE-2026-47389 affects older Ruby runtimes (

8.6CVSS5.9AI score0.00232EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/24 7:41 p.m.21 views

CVE-2026-47389 Mastodon: SSRF protection bypass on older Ruby versions

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS0.00232EPSS
Exploits0References1
cgr
cgr
added 2026/06/23 8:17 a.m.9 views

CVE-2026-54905 vulnerabilities

Vulnerabilities for packages: kube-fluentd-operator, ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.2-rails, ruby4.0-fluentd-kubernetes-daemonset, ruby3.3-rails, kube-logging-operator, ruby3.4-rails, ruby3.2-fluentd-kubernetes-daemonset...

5.5CVSS6.1AI score0.00106EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Ruby 2.5, JRuby

A issue was discovered in Ruby between versions 2.6.7, 2.7.x up to 2.7.3, and 3.x up to 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a specified IP address and port. This potentially allows curl to extract information about services that would...

5.8CVSS6.6AI score0.0305EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Ruby 2.5

There is a buffer over-read issue in Ruby before version 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. This issue occurs during the conversion from strings to floats, including in methods like KernelFloat and Stringtof...

7.5CVSS7AI score0.04127EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Ruby 2.5

A buffer-overread issue was discovered in StringIO 3.0.1, which is available in Ruby 3.0.x through 3.0.6, and in Ruby 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is...

9.8CVSS6.7AI score0.02364EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Ruby2.5, JRuby

A issue was discovered in Ruby between versions 2.6.7, 2.7.x up to 2.7.3, and 3.x up to 3.0.1. The Net::IMAP library does not raise an exception when the StartTLS command fails with an unknown response. This may allow man-in-the-middle attackers to bypass TLS protections by leveraging the network...

7.4CVSS6.6AI score0.02909EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby 2.5

In RDoc 3.11 through 6.x, as distributed with Ruby up to 3.0.1, it was possible to execute arbitrary code using | and tags within a filename...

7CVSS7AI score0.0148EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby 2.5

A issue was discovered in RDoc versions 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection and resulting remote code execution are possible because there are no restrictions on the classes that c...

4.5CVSS7.3AI score0.01571EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in JRuby

Before Ruby 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an HTTP Response Splitting attack was possible. An attacker could inject a crafted key and value into an HTTP response for the WEBrick HTTP server...

5.3CVSS6.8AI score0.0576EPSS
Exploits0References1
nessus
nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017613 advisory. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can ...

7.5CVSS7.3AI score0.05061EPSS
Exploits0References4
redhat
redhat
added 2026/04/17 11:15 p.m.2 views

ruby: dlopen could open a library with tainted library name

DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...

7.5CVSS6.7AI score0.07766EPSS
Exploits0References4
redhat
redhat
added 2026/04/17 11:15 p.m.2 views

ruby: HTTP response splitting in WEBrick

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients...

5.3CVSS6.6AI score0.04569EPSS
Exploits0References4
cgr
cgr
added 2026/04/11 2:19 a.m.4 views

GHSA-33QG-7WPP-89CQ vulnerabilities

Vulnerabilities for packages: pact-broker-docker-fips, ruby4.0-rails, ruby3.2-rails, ruby3.4-rails, ruby3.3-rails, pact-broker-docker, logstash...

6.1AI score
Exploits0
redhat
redhat
added 2026/04/09 12:37 p.m.4 views

ruby: missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7AI score0.13666EPSS
Exploits1References4
redhat
redhat
added 2026/04/09 12:37 p.m.2 views

ruby: Properly initialize the random number generator when forking new process

The SecureRandom.randombytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...

5CVSS7AI score0.0195EPSS
Exploits0References3
redhat
redhat
added 2026/04/09 12:37 p.m.2 views

ruby: WEBrick CGI source disclosure

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing 1 + plus, 2 %2b encode...

5CVSS7.1AI score0.02813EPSS
Exploits1References4
redhat
redhat
added 2026/04/09 12:37 p.m.2 views

ruby: Integer overflows in rb_ary_store()

Multiple integer overflows in the rbarystore function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than...

10CVSS7.2AI score0.04456EPSS
Exploits1References4
Rows per page
Query Builder