Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24081

Malicious code in bioql PyPI...

7.5CVSS5.5AI score0.00671EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.5 views

SUSE CVE-2018-1000079

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS7AI score0.02876EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/02/25 12:14 p.m.5 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS7.2AI score0.02876EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/08/06 12:40 p.m.5 views

rubygems: Infinite loop vulnerability due to negative size in tar header causes Denial of Service

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can...

7.5CVSS7.3AI score0.04809EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 10:23 a.m.6 views

rubygems: Missing URL validation on spec home attribute allows malicious gem to set an invalid homepage URL

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can...

5.3CVSS7.2AI score0.03825EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 9:56 a.m.6 views

rubygems: Improper verification of signatures in tarball allows to install mis-signed gem

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in...

9.8CVSS7.3AI score0.03037EPSS
Exploits0References5
OSV
OSV
added 2018/03/13 12:0 a.m.3 views

UBUNTU-CVE-2018-1000074

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code...

7.8CVSS7.2AI score0.02982EPSS
Exploits0References7
Rows per page
Query Builder