451 matches found
CVE-2017-0909
CVE-2017-0909 affects the private_address_check Ruby gem (versions before 0.4.1). Its server-side request forgery (SSRF) protections can be bypassed because its blacklist of private/local addresses is incomplete, notably missing 0.0.0.0. Affected behavior: attackers can bypass the blackli...
CVE-2017-0909
The private_address_check Ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
GHSA-Q97V-764G-R2RP gollum and gollum-lib allow remote authenticated users to execute arbitrary code
The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1, when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags...
gollum and gollum-lib allow remote authenticated users to execute arbitrary code
The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1, when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags...
CVE-2017-0904
The private_address_check Ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
Server-side request forgery (SSRF)
The Paperclip Ruby gem version 3.1.4 and later suffers from a Server-Side Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter class. Attackers may be able to access information about internal network resources...
Server-side request forgery (SSRF)
The private_address_check Ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
CVE-2017-0889
The Paperclip Ruby gem version 3.1.4 and later suffers from a Server-Side Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter class. Attackers may be able to access information about internal network resources...
CVE-2017-0889
CVE-2017-0889 affects Paperclip Ruby gem 3.1.4+ (Paperclip::UriAdapter, Paperclip::HttpUrlProxyAdapter) with a Server-Side Request Forgery (SSRF) vulnerability that may allow an attacker to access internal network resources. The connected documents corroborate the vulnerability and impact, but do...
CVE-2017-0904
The private_address_check Ruby gem (versions before 0.4.0) is affected by a bypass of its own privacy filter due to using Ruby’s Resolv.getaddresses, which is OS-dependent and cannot be trusted for security checks. This can undermine server-side request forgery protections that rely on blacklisti...
private_address_check Ruby Gem Blacklist Bypass privilege escalation
The private_address_check Ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
GHSA-67J6-XV27-W6WW Web Console (Ruby gem) contains whitelisted_ips bypass
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request...
rack-ssl Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...
Web Console (Ruby gem) contains whitelisted_ips bypass
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request...
Code injection
The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1, when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags...
CVE-2014-9489
The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1, when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags...
CVE-2014-9489
The CVE-2014-9489 issue affects the gollum-grit_adapter (part of Gollum) and the gollum-lib gem, where if any wiki document contains the string "master", remote authenticated users can execute arbitrary code through the -O/--open-files-in-pager flags. Root cause is the grit_adapter’s search funct...