
8 matches found

Veracode
added 2020/04/10 12:59 a.m., 60 views

Access Control Bypass

ruby is vulnerable to access control bypass. A flaw was found in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted tainted code to modify arbitrary, trusted untainted...

5 CVSS, 3.1 AI score, 0.02121 EPSS
Exploits: 2, References: 23, Affected Software: 1
Veracode
added 2019/05/02 4:53 a.m., 32 views

Authorization Bypass

ruby is vulnerable to authorization bypass. A flaw was found in the method for translating an exception message into a string in the Ruby Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted tainted code to modify arbitrary, trusted...

5 CVSS, 6.1 AI score, 0.01686 EPSS
Exploits: 1, References: 22, Affected Software: 35
Tenable Nessus
added 2013/03/08 12:0 a.m., 25 views

Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20130307)

It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large...

5 CVSS, 8.3 AI score, 0.25732 EPSS
Exploits: 2, References: 4
Tenable Nessus
added 2013/03/08 12:0 a.m., 37 views

RHEL 6 : ruby (RHSA-2013:0612)

Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availab...

5 CVSS, 8.2 AI score, 0.25732 EPSS
Exploits: 2, References: 6
CentOS
added 2013/01/09 8:36 p.m., 62 views

ruby security update

CentOS Errata and Security Advisory CESA-2013:0129 Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

5 CVSS, 7.2 AI score, 0.02121 EPSS
Exploits: 3, References: 7
Japan Vulnerability Notes
added 2006/07/11 12:0 a.m., 13 views

JVN#83768862 Ruby vulnerability caused by a problem with the alias function so that safe level 4 does not function as a sandbox

Impact An attacker could force programs to crash. Solution Products Affected Ruby 1.8.4-20060328 and earlier Snapshot versions As a workaround, we recommend that users update to the latest Ruby 1.8.4 snapshot version...

7 AI score
Exploits: 0
Japan Vulnerability Notes
added 2006/07/11 12:0 a.m., 9 views

JVN#13947696 Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.

Impact An attacker may be able to bypass the security model of a server application and change the status of an untainted object. Solution Products Affected Ruby 1.8.4-20060516 and earlier Snapshot versions As a workaround, we recommend that users update to the latest Ruby 1.8.4 snapshot version...

7.1 AI score
Exploits: 0
Japan Vulnerability Notes
added 2005/09/21 12:0 a.m., 32 views

JVN#62914675 Ruby vulnerability allowing to bypass safe level 4 as a sandbox

Impact An attacker could possibly execute an arbitrary script. Solution Products Affected Ruby 1.8.2 and earlier...

7.5 CVSS, 6.3 AI score, 0.14418 EPSS
Exploits: 0