13977 matches found
EUVD-2026-28554
YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under certain conditions...
YARD path traversal vulnerability
YARD is a Ruby documentation generation tool developed by Loren Segal. Versions of YARD prior to 0.9.42 contained a path traversal vulnerability. This vulnerability stemmed from the use of the yard server’s path traversal feature, which could allow unsanitized HTTP requests to access arbitrary file...
Avo access control error vulnerability
Avo is an open-source Ruby on Rails management panel framework developed by Avo itself. Versions of Avo prior to 3.31.2 contained a security vulnerability related to access control. This vulnerability stemmed from insecure operation search logic in the ActionsController, allowing authenticated...
Ruby net-imap 0.4.x < 0.4.24 / 0.5.x < 0.5.14 / 0.6.x < 0.6.4 vulnerability
The version of the net-imap Ruby library installed on the remote host is 0.4.x prior to 0.4.24, 0.5.x prior to 0.5.14, or 0.6.x prior to 0.6.4. It is, therefore, affected by a computational denial-of-service vulnerability. A denial of service vulnerability exists when authenticating a...
Ruby net-imap < 0.3.10 / 0.4.x < 0.4.24 / 0.5.x < 0.5.14 / 0.6.x < 0.6.4 vulnerability
The version of the net-imap Ruby library installed on the remote host is prior to 0.3.10, 0.4.x prior to 0.4.24, 0.5.x prior to 0.5.14, or 0.6.x prior to 0.6.4. It is, therefore, affected by a man-in-the-middle vulnerability. A flaw in the Net::IMAP#starttls function allows a man-in-the-middle...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in addressable-2.5.2.gem
Summary: IBM Watson Discovery Cartridge affected by vulnerability in addressable-2.5.2.gem. Vulnerability Details: CVEID: CVE-2026-35611. DESCRIPTION: Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the...
Rails: Active Support: Denial of Service via large scientific notation strings
A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., "1e10000") to number helpers. This input causes the BigDecimal component to expand into...
Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-016521)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016521 advisory. An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data...
GHSA-VCGP-9326-PQCP vulnerabilities
Vulnerabilities for packages: kube-logging-operator, logstash, ruby3.2-rails, ruby3.4-net-imap, ruby4.0-rails, kube-fluentd-operator, ruby3.2-net-imap, ruby4.0-net-imap, ruby3.3-rails, ruby3.3-net-imap, ruby3.4-rails...
GHSA-HM49-WCQC-G2XG vulnerabilities
Vulnerabilities for packages: kube-logging-operator, logstash, ruby3.2-rails, ruby3.4-net-imap, ruby4.0-rails, ruby3.2-net-imap, ruby4.0-net-imap, ruby3.3-rails, ruby3.3-net-imap, ruby3.4-rails...
GHSA-75XQ-5H9V-W6PX vulnerabilities
Vulnerabilities for packages: kube-logging-operator, logstash, ruby3.2-rails, ruby3.4-net-imap, ruby4.0-rails, ruby3.2-net-imap, ruby4.0-net-imap, ruby3.3-rails, ruby3.3-net-imap, ruby3.4-rails...
CVE-2026-42257 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, logstash, ruby3.2-rails, ruby3.4-net-imap, ruby4.0-rails, ruby3.2-net-imap, ruby4.0-net-imap, ruby3.3-rails, ruby3.3-net-imap, ruby3.4-rails...
GHSA-Q2MW-FVJ9-VVCW vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
GHSA-75XQ-5H9V-W6PX vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
CVE-2026-42256 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
CVE-2026-42258 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
CVE-2026-42257 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
CVE-2026-42246 vulnerabilities
Vulnerabilities for packages: logstash, kube-fluentd-operator, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
CVE-2026-42245 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...
GHSA-VCGP-9326-PQCP vulnerabilities
Vulnerabilities for packages: logstash, kube-fluentd-operator, ruby3.4-rails, kube-logging-operator, gitlab-rails-ce-fips, gitlab-rails-ce, ruby4.0-net-imap, ruby4.0-rails, ruby3.3-net-imap, logstash-fips, ruby3.2-net-imap, ruby3.4-net-imap, ruby3.2-rails, ruby3.3-rails...