Lucene search
K

104 matches found

Cvelist
Cvelist
added 2025/08/29 12:0 a.m.8 views

CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

0.01116EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2025/08/29 12:0 a.m.3 views

CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

7.5CVSS6.7AI score0.01116EPSS
Exploits2
OSV
OSV
added 2025/08/19 4:51 p.m.6 views

CLSA-2025-1755617966 ruby: Fix of CVE-2023-36617

CVE-2023-36617: fix mishandling invalid URLs that have specific characters in URI parser to prevent ReDoS issue...

5.3CVSS6.5AI score0.01698EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2023-28755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It...

5.3CVSS6.9AI score0.02637EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.9 views

Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-839)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-839 advisory. A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings...

5.3CVSS7.9AI score0.02637EPSS
Exploits0References4
Amazon
Amazon
added 2025/02/05 12:0 a.m.5 views

Medium: ruby3.2

Issue Overview: A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue...

5.3CVSS7.1AI score0.02637EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-35250

Name of the Vulnerable Software and Affected Versions CivetWeb versions 1.14 through 1.16 Description A buffer overflow in the URI parser of CivetWeb may allow a remote attacker to achieve remote code execution via a crafted HTTP request. This issue is triggered during request processing and may...

7.5CVSS6.7AI score0.01116EPSS
Exploits2References16
SUSE CVE
SUSE CVE
added 2024/05/04 2:22 a.m.4 views

SUSE CVE-2024-34402

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow...

8.6CVSS7.7AI score0.01233EPSS
Exploits0References4
OSV
OSV
added 2024/05/03 1:15 a.m.1 views

DEBIAN-CVE-2024-34402

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow...

8.6CVSS7.2AI score0.01233EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.70 views

Amazon Linux 2 : ruby (ALASRUBY3.0-2023-001)

The version of ruby installed on the remote host is prior to 3.0.6-156. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY3.0-2023-001 advisory. A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles...

5.3CVSS8AI score0.02637EPSS
Exploits0References6
Amazon
Amazon
added 2023/09/25 12:0 a.m.5 views

Important: ruby

Issue Overview: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 a...

5.3CVSS7.3AI score0.02637EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2666)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.2AI score0.02637EPSS
Exploits0References2
OSV
OSV
added 2023/07/15 11:5 a.m.2 views

OESA-2023-1427 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser...

5.3CVSS7AI score0.01698EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/07/13 11:36 a.m.45 views

CVE-2023-36617

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This issue may result in a regular expression denial of service ReDoS...

5.3CVSS6.8AI score0.02637EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/13 12:0 a.m.32 views

Oracle Linux 8 : ruby:2.7 (ELSA-2023-3821)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3821 advisory. - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDoS vulnerability in URI. Resolves: CVE-2023-28755 - Fix ReDoS vulnerability in...

8.8CVSS7.8AI score0.02637EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2023/07/04 7:0 a.m.5 views

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.

...

5.3CVSS6.4AI score0.02637EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/07/01 1:27 a.m.2 views

SUSE CVE-2023-36617

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue exists becuse of a...

7.5CVSS6.9AI score0.01698EPSS
Exploits0References3
NVD
NVD
added 2023/06/29 1:15 p.m.30 views

CVE-2023-36617

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue exists becuse of a...

5.3CVSS7.1AI score0.01698EPSS
Exploits0References6
OSV
OSV
added 2023/06/29 1:15 p.m.3 views

AZL-27310 CVE-2023-36617 affecting package ruby for versions less than 3.1.4-2

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue exists becuse of a...

5.3CVSS6.9AI score0.01698EPSS
Exploits0References1
OSV
OSV
added 2023/06/29 1:15 p.m.1 views

DEBIAN-CVE-2023-36617

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue exists becuse of a...

5.3CVSS7.2AI score0.01698EPSS
Exploits0References1
Rows per page
Query Builder