Ruby: Uncontrolled Resource Consumption when parsing maliciously crafted XML with REXML

The REXML library in Ruby was found to be vulnerable to an issue where parsing a maliciously crafted XML file could lead to uncontrolled resource consumption, resulting in a denial of service. The vulnerability was caused by a flaw in the namespace handling functionality of the REXML library...

USN-6960-1 ruby-rmagick vulnerability

Nick Browning discovered that RMagick incorrectly handled memory under certain operations. An attacker could possibly use this issue to cause a denial of service through memory exhaustion...

USN-6748-1 ruby-sanitize vulnerabilities

It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 22.04 LTS. CVE-2023-23627 It was discovered that Sanitize incorrectly handled...

PT-2024-22612

Name of the Vulnerable Software and Affected Versions ROTP versions prior to 6.3.0 Description The Ruby One Time Password library ROTP is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Recommendations For...

UBUNTU-CVE-2024-27285

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...

CVE-2023-50725

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=alertdocument.cookie" and "/queues/". This issue has been patched in...

Fedora 36 : rubygem-redcarpet (2023-597f13ffb9)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-597f13ffb9 advisory. A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue...

Fedora 37 : rubygem-redcarpet (2023-8682a0e17d)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8682a0e17d advisory. A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue...

UBUNTU-CVE-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

CVE-2023-28102 Command injection in discordrb

discordrb is an implementation of the Discord API using Ruby. In discordrb before commit 91e13043ffa the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly...

GNU Emacs 命令注入漏洞

GNU Emacs is a family of text editors in the American GNU community. A security vulnerability exists in GNU Emacs version 28.2 and earlier, which stems from the discovery of a local command injection vulnerability contained in the ruby-find-library-file function of ruby-mode.el. An attacker can...

SUSE CVE-2005-1992

The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...

SUSE CVE-2018-16468

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

SUSE CVE-2018-1000201

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later...

SUSE CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby...

SUSE CVE-2022-29181

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6...

SUSE CVE-2022-31163

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...

Regular Expression Denial of Service (ReDoS)

Overview sisimai is a Ruby library for analyzing RFC5322 bounce emails and generating structured data from parsed results. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of insecure regular expressions in the function toplain of the...

CVE-2022-39224 Arbitrary shell execution when extracting or listing files contained in a malicious rpm.

Arr-pm is an RPM reader/writer library written in Ruby. Versions prior to 0.0.12 are subject to OS command injection resulting in shell execution if the RPM contains a malicious "payload compressor" field. This vulnerability impacts the extract and files methods of the RPM::File class of this...

Debian DLA-3077-1 : ruby-tzinfo - LTS security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3077 advisory. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior ...