Lucene search
K
RubygemsMost viewed

1243 matches found

RubySec
RubySec
•added 2022/02/21 12:0 a.m.•386 views

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)

Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: vendored libxml2 from v2.9.12 to v2.9.13 vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: libxslt: CVE-2021-30560 CVSS 8.8, High severity libxml2: CVE-2022-23308 Unspecified...

8.8CVSS1AI score0.21623EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2018/07/03 12:0 a.m.•255 views

XSS vulnerabilities via data-parent, data-target, data-container in bootstrap

In Bootstrap before 4.1.2, XSS is possible in collapse data-parent attribute CVE-2018-14040, data-target property of scrollspy CVE-2018-14041, data-container property of tooltip CVE-2018-14042...

6.1CVSS2.6AI score0.04293EPSS
Exploits3References1Affected Software1
RubySec
RubySec
•added 2022/05/14 12:0 a.m.•159 views

WEBrick RCE Vulnerability

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

9.3CVSS8AI score0.16412EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/05/18 12:0 a.m.•158 views

Circumvention of file size limits in ActiveStorage

There is a vulnerability in ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user. Versions Affected: rails = 5.2.4.3, rails = 6.0.3.1 Impact ------ Utilizing this vulnerability, an attacker can control the Content-Length of an S3 direct...

7.5CVSS3.5AI score0.03065EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2015/06/04 12:0 a.m.•109 views

Data Injection Vulnerability in moped Rubygem

A flaw in the ObjectId validation regular expression can enable attackers to inject arbitrary information into a given BSON object...

7.5CVSS6.7AI score0.05661EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/04/12 12:0 a.m.•97 views

Buffer overrun in String-to-Float conversion

A buffer-overrun vulnerability is discovered in a conversion algorithm from a String to a Float. This vulnerability has been assigned the CVE identifier CVE-2022-28739. We strongly recommend upgrading Ruby. Due to a bug in an internal function that converts a String to a Float, some convertion...

7.5CVSS3.3AI score0.04127EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/03/13 12:0 a.m.•91 views

Possible Remote Code Execution Exploit in Rails Development Mode

There is a possible a possible remote code executing exploit in Rails when in development mode. This vulnerability has been assigned the CVE identifier CVE-2019-5420. Versions Affected: 6.0.0.X, 5.2.X. Not affected: 5.2.0 Fixed Versions: 6.0.0.beta3, 5.2.2.1 Impact ------ With some knowledge of a...

9.8CVSS4.2AI score0.92144EPSS
Exploits13References1Affected Software1
RubySec
RubySec
•added 2018/07/11 12:0 a.m.•91 views

Doorkeeper gem does not revoke token for public clients

Any OAuth application that uses public/non-confidential authentication when interacting with Doorkeeper is unable to revoke its tokens when calling the revocation endpoint. A bug in the token revocation API would cause it to attempt to authenticate the public OAuth client as if it was a...

7.5CVSS1.5AI score0.01611EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/03/08 12:0 a.m.•88 views

Possible code injection vulnerability in Rails / Active Storage

There is a possible code injection vulnerability in the Active Storage module of Rails. This vulnerability has been assigned the CVE identifier CVE-2022-21831. Versions Affected: = 5.2.0 Not affected: params:v % Where the transformation method or its arguments are untrusted arbitrary input. All...

9.8CVSS1.7AI score0.02742EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/01/18 12:0 a.m.•85 views

ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. Versions Affected: All Not affected: None Fixed Versions: 6.1.7.1, 7.0.4.1 Impact A specially crafted HTTP...

7.5CVSS7.4AI score0.02278EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/06/27 12:0 a.m.•82 views

Possible shell escape sequence injection vulnerability in Rack

There is a possible shell escape sequence injection vulnerability in the Lint and CommonLogger components of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-30123. Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1 Impact Carefully crafted...

10CVSS4.3AI score0.01801EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/27 12:0 a.m.•82 views

Possible XSS Vulnerability in Action Pack

There is a possible XSS vulnerability in Rails / Action Pack. This vulnerability has been assigned the CVE identifier CVE-2022-22577. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1 Impact CSP headers were only sent along with responses that Rails...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/03/19 12:0 a.m.•72 views

Unsafe Object Creation Vulnerability in JSON (Additional fix)

When parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269. The previous fix was incomplete, which addressed JSON.parseuserinput, but didn’t address some other...

7.5CVSS1.3AI score0.06811EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/06/15 12:0 a.m.•71 views

Percent-encoded cookies can be used to overwrite existing prefixed cookie names

It is possible to forge a secure or host-only cookie prefix in Rack using an arbitrary cookie write by using URL encoding percent-encoding on the name of the cookie. This could result in an application that is dependent on this prefix to determine if a cookie is safe to process being manipulated...

7.5CVSS2.9AI score0.02938EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2018/09/28 12:0 a.m.•71 views

Jekyll _config.yml privilege escalation

Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "config.yml" file...

7.5CVSS6.9AI score0.0217EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2008/05/05 12:0 a.m.•70 views

ruby -- DNS spoofing vulnerability in resolv.rb

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

5.8CVSS4.7AI score0.02415EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2022/06/27 12:0 a.m.•69 views

Denial of Service Vulnerability in Rack Multipart Parsing

There is a possible denial of service vulnerability in the multipart parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-30122. Versions Affected: = 1.2 Not affected: 1.2 Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1 Impact Carefully crafted multipart POST...

7.5CVSS4.2AI score0.02056EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2026/05/27 12:0 a.m.•68 views

Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion

Impact PROXY protocol support for Puma was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer. It waits for "\r\n" to determine whether a PROXY v1 line is present. If an attacker opens a TCP connection and continuously sends bytes...

5.8AI score0.0007EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2024/07/10 12:0 a.m.•68 views

Decidim vulnerable to data disclosure through the embed feature

Impact If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded such as a Participatory Process, an Assembly, a Proposal, a Result, etc, then some data of this resource could be accessed. Patches Version 0.27.6...

5.3CVSS7AI score0.00492EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2015/04/14 12:0 a.m.•68 views

Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

Several vulnerabilities were discovered in the libxml2 and libxslt libraries that the Nokogiri gem depends on. CVE-2015-1819 A denial of service flaw was found in the way libxml2 parsed XML documents. This flaw could cause an application that uses libxml2 to use an excessive amount of memory...

6.8CVSS4.2AI score0.0634EPSS
Exploits3References1Affected Software1
RubySec
RubySec
•added 2021/11/24 12:0 a.m.•66 views

Cookie Prefix Spoofing in CGI::Cookie.parse

The old versions of CGI::Cookie.parse applied URL decoding to cookie names. An attacker could exploit this vulnerability to spoof security prefixes in cookie names, which may be able to trick a vulnerable application. By this fix, CGI::Cookie.parse no longer decodes cookie names. Note that this i...

7.5CVSS6.3AI score0.02931EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/04/12 12:0 a.m.•64 views

Double free in Regexp compilation

A double-free vulnerability is discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby. Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same...

9.8CVSS7.2AI score0.02744EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/11 12:0 a.m.•64 views

Out-of-bounds Write in zlib affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored zlib from 1.2.11 to 1.2.12, which addresses CVE-2018-25032. That CVE is scored as CVSS 7.4 "High" on the NVD record as of 2022-04-05. Please note that this advisory only applies to the CRuby implementation of Nokogiri = v1.13.4. Impact CVE-2018-25032 ...

7.5CVSS0.3AI score0.52063EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2011/02/19 12:0 a.m.•64 views

CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

6.3CVSS6.2AI score0.00385EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2012/11/23 12:0 a.m.•62 views

CVE-2012-5371 ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)

Ruby aka CRuby 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains...

5CVSS6.2AI score0.03357EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2026/03/10 12:0 a.m.•61 views

Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

6.5CVSS5.7AI score0.00732EPSS
Exploits0References1
RubySec
RubySec
•added 2022/06/09 12:0 a.m.•60 views

Authorization header leak on port redirect in mechanize

Summary Mechanize rubygem Cookies do not provide isolation by port. If a cookie is readable by a service running on one port, the cookie is also readable by a service running on another port of the same server. If a cookie is writable by a service on one port, the cookie is also writable by a...

7.5CVSS0.7AI score0.03425EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2017/10/24 12:0 a.m.•60 views

CSRF Protection Bypass in Ruby on Rails

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...

6.8CVSS6.3AI score0.01589EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/05/03 12:0 a.m.•59 views

CSV-Safe improperly filters special characters potentially leading to CSV injection

CSV-Safe gem 3.0.0 doesn't filter out special characters which could trigger CSV Injection...

9.8CVSS4.5AI score0.01679EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/05/11 12:0 a.m.•59 views

Keepalive Connections Causing Denial Of Service in puma

Impact The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections may still be starved by...

7.5CVSS7.3AI score0.0196EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/04/10 12:0 a.m.•59 views

Blacklist keys are no longer being filtered in airbrake-ruby

A flaw in airbrake-ruby v4.2.3 prevented user data from being filtered prior to sending to Airbrake. Such data could be user passwords. Therefore, an app could leak user passwords without knowing it...

9.8CVSS2.5AI score0.01442EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/10/24 12:0 a.m.•59 views

SQL Injection Vulnerability in Ruby on Rails

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...

7.5CVSS6.2AI score0.04174EPSS
Exploits4References1Affected Software1
RubySec
RubySec
•added 2016/08/11 12:0 a.m.•59 views

Unsafe Query Generation Risk in Active Record

There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155. Impact ------ Due to the way Active Record interprets parameters in combination with the way that JSON parameters are...

7.5CVSS2.1AI score0.08245EPSS
Exploits4References1Affected Software1
RubySec
RubySec
•added 2019/10/01 12:0 a.m.•58 views

HTTP response splitting in WEBrick (Additional fix)

If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. This is the same issue as CVE-2017-17742. The previous fix was incomplete, which addressed the...

5.3CVSS0.2AI score0.04569EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2024/07/25 12:0 a.m.•57 views

Cross-Site Request Forgery in Spina

A vulnerability classified as problematic was found in Spina CMS 2.18.0. Affected by this vulnerability is an unknown functionality of the file /admin/mediafolders. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...

8.8CVSS6.9AI score0.00431EPSS
Exploits1References1
RubySec
RubySec
•added 2012/05/31 12:0 a.m.•57 views

CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...

5CVSS5.3AI score0.04174EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2020/02/10 12:0 a.m.•56 views

matestack-ui-core is vulnerable to XSS/Script injection

matestack-ui-core does not excape strings by default and does not cover this in the docs. matestack-ui-core should escape strings by default in order to prevent XSS/Script injection vulnerability. v0.7.4 fixes that by escaping strings by default...

7.7CVSS2.6AI score0.00627EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2019/02/15 12:0 a.m.•56 views

twitter-bootstrap-rails vulnerable to Cross-Site Scripting (XSS)

The seyhunak/twitter-bootstrap-rails gem includes a vendored version of the Bootstrap JavaScript library. In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. The most recent version of this gem, 5.0.0, includes Bootstrap v 3.3.6. Al...

6.1CVSS6.2AI score0.1686EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2017/12/14 12:0 a.m.•56 views

Command injection vulnerability in Net::FTP

There is a command injection vulnerability in Net::FTP bundled with Ruby. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the pipe character "|", the command following the pipe character is...

9.3CVSS7.1AI score0.73927EPSS
Exploits5References1Affected Software1
RubySec
RubySec
•added 2016/01/25 12:0 a.m.•56 views

Timing attack vulnerability in basic authentication in Action Controller.

There is a timing attack vulnerability in the basic authentication support in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2015-7576. Versions Affected: All. Not affected: None. Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1 Impact ------ Due to the w...

4.3CVSS2.2AI score0.04879EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/02/28 12:0 a.m.•56 views

fileutils Gem for Ruby file_utils.rb Crafted URL Handling Remote Command Execution

fileutils Gem for Ruby contains a flaw in fileutils.rb. The issue is triggered when handling a specially crafted URL containing a command after a delimiter ;. This may allow a remote attacker to potentially execute arbitrary commands...

9.3CVSS7.4AI score0.03327EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2011/07/02 12:0 a.m.•56 views

Ruby Properly initialize the random number generator when forking new process

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900...

5CVSS4.3AI score0.02088EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2024/01/11 9:0 p.m.•55 views

Devise-Two-Factor vulnerable to brute force attacks

Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2FA mechanism through brute-force attacks. Impact If a...

7.7AI score
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/24 12:0 a.m.•55 views

Smashing Cross-site Scripting vulnerability

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

6.1CVSS1.9AI score0.00995EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/01/10 12:0 a.m.•55 views

Ruby Gem nori Parameter Parsing Remote Code Execution

The Ruby Gem nori has a parameter parsing error that may allow an attacker to execute arbitrary code. This vulnerability has to do with type casting during parsing, and is related to CVE-2013-0156...

7.5CVSS6.8AI score0.02312EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2026/05/18 12:0 a.m.•55 views

Faraday has a possible incomplete fix for GHSA-33mh-2634-fwr2 - protocol-relative URI objects still bypass host scoping

Summary Faraday::Connectionbuildexclusiveurl still allows protocol-relative host override when the request target is provided as a URI object instead of a String. This bypasses the February 2026 fix for GHSA-33mh-2634-fwr2 and can redirect a request built from a fixed-base Faraday::Connection to ...

6.5CVSS5.9AI score0.00272EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2024/07/11 12:0 a.m.•54 views

Bootstrap Cross-Site Scripting (XSS) vulnerability

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting XSS attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This...

6.2AI score
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/03/19 12:0 a.m.•54 views

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)

There is an unsafe object creation vulnerability in the json gem bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2020-10663. We strongly recommend upgrading the json gem. Details ------- When parsing certain JSON documents, the json gem including the one bundled wit...

7.5CVSS1.5AI score0.06811EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/10/01 12:0 a.m.•54 views

A NUL injection vulnerability of File.fnmatch and File.fnmatch?

Built-in methods File.fnmatch and its alias File.fnmatch? accept the path pattern as their first parameter. When the pattern contains NUL character \0, the methods recognize that the path pattern ends immediately before the NUL byte. Therefore, a script that uses an external input as the pattern...

6.5CVSS3.3AI score0.03317EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2018/03/28 12:0 a.m.•54 views

Unintentional file and directory creation with directory traversal in tempfile and tmpdir

There is an unintentional directory creation vulnerability in tmpdir library bundled with Ruby. And there is also an unintentional file creation vulnerability in tempfile library bundled with Ruby, because it uses tmpdir internally Dir.mktmpdir method introduced by tmpdir library accepts the pref...

7.5CVSS2.5AI score0.10552EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1243