
6 matches found

OSV
added 2022/05/17 12:16 a.m., 31 views

GHSA-9QVM-2VHF-Q649 RubyGems Regular Expression Denial of Service

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CP...

CVSS 4.3, AI score 5.5, EPSS 0.00588
Exploits: 0, References: 8
UbuntuCve
added 2017/03/29 12:0 a.m., 32 views

CVE-2009-5147

DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...

CVSS 7.5, AI score 6.8, EPSS 0.56223
Exploits: 0, References: 3
OpenVAS
added 2009/04/09 12:0 a.m., 27 views

Mandriva Update for ruby MDVSA-2008:140 (ruby)

Check for the Version of ruby. OpenVAS Vulnerability Test: Mandriva Update for ruby MDVSA-2008:140 ruby. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 10, AI score 0.2, EPSS 0.11359
Exploits: 2, References: 2
CVE
added 2008/06/24 7:0 p.m., 87 views

CVE-2008-2726

CVE-2008-2726 is described in connected docs as an integer overflow in rb_ary_splice on Ruby 1.8.4 and earlier (and related 1.8.x lines) that allows context-dependent memory corruption. MiracleLinux AXSA-2008-86:01 explicitly includes CVE-2008-2726 among ruby issues and references the Real Alloc_...

CVSS 7.8, AI score 6.7, EPSS 0.02611
Exploits: 1, References: 43, Affected Software: 1
RubySec
added 2008/06/20 12:0 a.m., 29 views

CVE-2008-2664 ruby: Unsafe use of alloca in rb_str_format()

The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662,...

CVSS 7.8, AI score 6.7, EPSS 0.05116
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2008/04/18 10:0 p.m., 18 views

CVE-2008-1891

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encode...

AI score 6.5, EPSS 0.00535
Exploits: 1, References: 11