Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...

7.4CVSS8.7AI score0.00668EPSS
Exploits2References4
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : ruby:2.6 (AXSA:2022-3073:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3073:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

9.3CVSS8.6AI score0.25071EPSS
Exploits5References7
Tenable Nessus
Tenable Nessusadded 2026/01/19 12:0 a.m.7 views

MiracleLinux 7 : rh-ruby26-ruby-2.6.9-120.el7 (AXSA:2022-3091:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3091:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

9.3CVSS7.4AI score0.25071EPSS
Exploits5References7
Amazon
Amazonadded 2023/09/25 12:0 a.m.1 views

Medium: ruby

Issue Overview: An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc. CVE-2021-31799 Affected Packages: ruby Note:...

7CVSS7.9AI score0.00351EPSS
Exploits0
Oracle linux
Oracle linuxadded 2022/03/08 12:0 a.m.52 views

ruby:2.5 security update

ruby 2.5.9-109.0.1 - Rebuild with a dependency containing fix for Orabug: 33921593 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in...

7.4CVSS1.2AI score0.00668EPSS
Exploits2
Oracle linux
Oracle linuxadded 2021/08/06 12:0 a.m.190 views

ruby:2.7 security update

ruby 2.7.4-137 - Upgrade to Ruby 2.7.4. - Fix command injection vulnerability in RDoc. Resolves: rhbz1986768 - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: rhbz1986812 - Fix StartTLS stripping vulnerability in Net::IMAP. Resolves: rhbz1986813 - Upgrade ...

9.3CVSS0.9AI score0.25071EPSS
Exploits3
ATTACKERKB
ATTACKERKBadded 2021/07/30 12:0 a.m.118 views

CVE-2021-31799

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. Recent assessments: wvu-r7 at May 03, 2021 1:43am UTC reported: CVE-2021-31799 Perlisms strike again in this RDoc command injection. Kernelopen is...

4.4CVSS1.3AI score0.00351EPSS
Exploits0References4
Rows per page
Query Builder