Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

7.5CVSS7.3AI score0.03256EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.3 views

SUSE CVE-2013-2065

1 DL and 2 Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions...

6.4CVSS8.1AI score0.0251EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2011/08/03 12:0 a.m.26 views

Debian: Security Advisory (DSA-2265-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.08712EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2008/10/21 2:52 p.m.5 views

ruby: missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7.2AI score0.13666EPSS
Exploits1References4
Rows per page
Query Builder