Lucene search
+L
RubygemsMost viewed

1255 matches found

RubySec
RubySec
•added 2024/10/15 12:0 a.m.•23 views

Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibl...

8.7CVSS6.9AI score0.01103EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/11/29 12:0 a.m.•23 views

CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSS

Impact CarrierWave::Uploader::ContentTypeAllowlist has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the contenttype argument of allowlistedcontenttype? is...

6.8CVSS6.1AI score0.00613EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/01/17 12:0 a.m.•23 views

Sisimai Inefficient Regular Expression Complexity vulnerability

A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function toplain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be...

7.5CVSS2.7AI score0.01336EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/07/15 12:0 a.m.•23 views

jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label

Impact Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call .checkboxradio "refresh" on such a widget and the initial HTML contained encoded HTML entities, they will erroneously get decoded. This can le...

6.1CVSS6.8AI score0.02475EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/05/24 12:0 a.m.•23 views

Cross site scripting in publify

In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a 'publisher' role is able to inject and execute arbitrary JavaScript code while creating a page/article...

5.4CVSS3.3AI score0.00578EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/24 12:0 a.m.•23 views

Missing Initialization of Resource in Apache Arrow

It was discovered that the C++ implementation which underlies the R, Python and Ruby implementations of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow...

7.5CVSS3AI score0.03225EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/24 12:0 a.m.•23 views

Gitaly Insufficient Session Expiration vulnerability

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are: =1.79.0, =13.4, =13.5, 13.5.2...

3.2CVSS4AI score0.00271EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/24 12:0 a.m.•23 views

apollo_upload_server has Denial of Service vulnerability

A Denial Of Service vulnerability in the apollouploadserver Ruby gem in GitLab CE/EE version 11.11 and above allows an attacker to deny access to all users via specially crafted requests to the apollouploadserver middleware...

6.5CVSS6.4AI score0.01328EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/14 12:0 a.m.•23 views

Puppet Arbitrary Command Execution

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full...

6CVSS7.6AI score0.02632EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/02 12:0 a.m.•23 views

Puppet arbitrary files overwrite via a symlink attack

Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/daemonout, 2 /tmp/puppetdoc.txt, 3 /tmp/puppetdoc.tex, or 4 /tmp/puppetdoc.aux temporary file...

3.3CVSS7.1AI score0.00325EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/23 12:0 a.m.•23 views

Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby

Out-of-bounds Read in mrbobjiskindof in in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if being exploited...

7.8CVSS7.1AI score0.00446EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/06/10 12:0 a.m.•23 views

Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox

A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Versions...

7.8CVSS4.3AI score0.00273EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2021/06/02 12:0 a.m.•23 views

Remote code execution in Dragonfly

An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features...

9.8CVSS6.3AI score0.72249EPSS
Exploits4References1Affected Software1
RubySec
RubySec
•added 2021/04/26 12:0 a.m.•23 views

Connection security vulnerability with schema sync

pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected. pgsync drops connection...

7.5CVSS2.6AI score0.00731EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/10/07 12:0 a.m.•23 views

Possible XSS Vulnerability in Action Pack in Development Mode

There is a possible XSS vulnerability in Action Pack while the application server is in development mode. This vulnerability is in the Actionable Exceptions middleware. This vulnerability has been assigned the CVE identifier CVE-2020-8264. Versions Affected: = 6.0.0 Not affected: 6.0.0 Fixed...

6.1CVSS4.8AI score0.70717EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/09/18 12:0 a.m.•23 views

Gon gem lack of escaping certain input when outputting as JSON

An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escapemode parameter to escape fields as an XSS protection mechanism. To mitigate, jsondumper.rb in gon now does escaping for XSS by default without relying on MultiJson...

6.1CVSS0.8AI score0.01376EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/05/12 12:0 a.m.•23 views

Directory traversal in Rack::Directory app bundled with Rack

There was a possible directory traversal vulnerability in the Rack::Directory app that is bundled with Rack. Versions Affected: rack = 2.2.0 Impact ------ If certain directories exist in a director that is managed by Rack::Directory, an attacker could, using this vulnerability, read the contents ...

8.6CVSS4.8AI score0.03593EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/10/24 12:0 a.m.•23 views

ruby_parser-legacy world writable files allow local privilege escalation

The rubyparser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

7.8CVSS3.2AI score0.00332EPSS
Exploits1References1
RubySec
RubySec
•added 2019/09/12 12:0 a.m.•23 views

Denial of Service in rubyzip ("zip bombs")

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption...

7.1CVSS4.6AI score0.01581EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2019/08/20 12:0 a.m.•23 views

Code execution backdoor in coming-soon

The coming-soon gem 0.2.8 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. No unaffected version is known to exist, as the gem appears to have been entirely removed...

9.8CVSS5.4AI score0.0355EPSS
Exploits0References1
RubySec
RubySec
•added 2019/03/05 12:0 a.m.•23 views

Installing a malicious gem may lead to arbitrary code execution

An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensureloadablespec during the preinstall check...

8.8CVSS2.3AI score0.03219EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/01/17 12:0 a.m.•23 views

bootstrap Cross-site Scripting vulnerability

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property...

6.1CVSS6.1AI score0.03984EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2018/06/22 12:0 a.m.•23 views

ruby-ffi DDL loading issue on Windows OS

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later...

7.8CVSS4AI score0.01351EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2018/06/12 12:0 a.m.•23 views

CHMOD race vulnerability

The file system access race condition allows for local privilege escalation and affects the Nginx module for Passenger versions 5.3.1, all the way back to 3.0.0 the chown command entered the code in 2010. The vulnerability was exploitable only when running a non-standard...

7CVSS7.1AI score0.00276EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/10/09 12:0 a.m.•23 views

Unsafe Object Deserialization Vulnerability in RubyGems

There is a possible unsafe object deserialization vulnerability in RubyGems. It is possible for YAML deserialization of gem specifications to bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution...

9.8CVSS3.8AI score0.15853EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2017/08/29 12:0 a.m.•23 views

RubyGems ANSI escape sequence vulnerability

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS3.5AI score0.1081EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2016/04/20 12:0 a.m.•23 views

Safemode Gem for Ruby is vulnerable to information disclosure

Safemode is initialised with an optional 'delegate' object. If the delegated object is a Rails controller, 'inspect' could be called which then exposes all informations about the App, including routes, secret tokens, caches and so on...

8.1CVSS6.9AI score0.02131EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2014/08/18 12:0 a.m.•23 views

Data Injection Vulnerability in Active Record

The createwith functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to createwith could allow attackers to set arbitrary attributes on models...

7.5CVSS6.9AI score0.02797EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2014/06/30 12:0 a.m.•24 views

point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information...

7.8CVSS6.6AI score0.00546EPSS
Exploits1References1
RubySec
RubySec
•added 2014/01/14 12:0 a.m.•23 views

Ember.js Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper

In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, we have identified a vulnerability that could lead to unescaped content being inserted into the innerHTML string without being sanitized. When using the group...

5.4CVSS0.2AI score0.01219EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2014/01/08 12:0 a.m.•23 views

Paratrooper-newrelic Gem for Ruby Process Listing API Key Local Disclosure

Paratrooper-newrelic Gem for Ruby contains a flaw in /lib/paratrooper-newrelic.rb. The issue is triggered when the script exposes the API key, allowing a local attacker to gain access to it by monitoring the process tree...

2.1CVSS2.5AI score0.00507EPSS
Exploits2References1
RubySec
RubySec
•added 2013/12/03 12:0 a.m.•23 views

XSS Vulnerability in simple_format helper

There is a vulnerability in the simpleformat helper in Ruby on Rails. The simpleformat helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped...

4.3CVSS1AI score0.01963EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/09/19 12:0 a.m.•23 views

CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities

Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links. It was found that ruby willpaginate is vulnerable to a XSS via malformed input that cause paginatio...

4.3CVSS7.4AI score0.02209EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2013/05/14 12:0 a.m.•23 views

Creme Fraiche Gem for Ruby File Name Shell Metacharacter Injection Arbitrary Command Execution

Creme Fraiche Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input in file names. With a specially crafted file name that contains shell metacharacters, a context-dependent attacker can execute arbitrary commands...

9.3CVSS5.2AI score0.04247EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2012/03/14 12:0 a.m.•23 views

CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...

7.5CVSS8.1AI score0.04466EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2009/12/07 12:0 a.m.•23 views

jruby-openssl Gem for JRuby fails to do proper certificate validation

A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...

7.5CVSS3.9AI score0.006EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2009/07/10 12:0 a.m.•23 views

High Security Vulnerability with authenticate_with_http_digest of Rails

The example code for the digest authentication functionality httpauthentication.rb in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

9.8CVSS7.5AI score0.03377EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2008/08/25 12:0 a.m.•23 views

CVE-2008-3790 ruby: DoS vulnerability in the REXML module

The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service CPU consumption via an XML document with recursively nested entities, aka an "XML entity explosion...

5CVSS6.3AI score0.15197EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2008/06/20 12:0 a.m.•23 views

CVE-2008-2725 ruby: integer overflow in rb_ary_splice/update/replace() - REALLOC_N

Integer overflow in the 1 rbarysplice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and 2 the rbaryreplace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the...

7.8CVSS6.8AI score0.037EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2024/09/20 12:0 a.m.•22 views

Puma's header normalization allows for client to clobber proxy set headers

Impact Clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users trusting headers set by their proxy may be affected. Attackers may be able to downgrade connections to HTTP non-SSL or redirect...

5.4CVSS6.7AI score0.00646EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/12/06 12:0 a.m.•22 views

pubnub Insufficient Entropy vulnerability

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

5.9CVSS7AI score0.00955EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/11/19 12:0 a.m.•22 views

Unsanitized input leading to code injection in Dalli

A vulnerability was found in Dalli. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation leads to injection. The exploit has been disclosed to the public and may be used. The name of the patch is...

6.3CVSS1AI score0.01284EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2022/08/19 12:0 a.m.•22 views

OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value

lib/omniauth/failureendpoint.rb in OmniAuth before 1.9.2 and before 2.0 does not escape the messagekey value...

9.8CVSS2.3AI score0.01035EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/13 12:0 a.m.•22 views

RubyGems Link Following vulnerability

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...

7.5CVSS3.7AI score0.05076EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/05 12:0 a.m.•22 views

Use-After-Free in str_escape in mruby/mruby in mruby/mruby

Use-After-Free in strescape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS7.8AI score0.0168EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/10/26 12:0 a.m.•22 views

XSS in `*Text` options of the Datepicker widget in jquery-ui

Impact Accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: js $"datepicker".datepicker showButtonPanel: true, showOn: "both", closeText: "doEvilThing'closeText XSS'",...

6.5CVSS6.8AI score0.07948EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/05/24 12:0 a.m.•22 views

Improper certificate validation in em-imap

em-imap 0.5 and earlier use the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.4CVSS5.1AI score0.00751EPSS
Exploits1References1
RubySec
RubySec
•added 2021/04/13 12:0 a.m.•22 views

Improper Certificate Validation in Puppet

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...

6.5CVSS1.3AI score0.00823EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/07/31 12:0 a.m.•22 views

Missing TLS certificate verification in faye-websocket

The Faye::WebSocket::Client class uses the EM::Connectionstarttls1 method in EventMachine2 to implement the TLS handshake whenever a wss: URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a...

8.7CVSS6.6AI score0.00914EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/03/10 12:0 a.m.•22 views

Denial of Service in uap-core when processing crafted User-Agent strings

Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-ruby to = v2.6....

7.5CVSS7.2AI score0.02261EPSS
Exploits1References1Affected Software1
Total number of security vulnerabilities1255