Lucene search
+L
RubygemsMost viewed

1254 matches found

RubySec
RubySec
•added 2016/06/16 12:0 a.m.•48 views

Logstash Logs Sensitive Information

Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials...

6.5CVSS6.9AI score0.01081EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/02/12 12:0 a.m.•47 views

CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection

The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service resource consumption or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...

7.5CVSS7.5AI score0.13911EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/01/18 12:0 a.m.•46 views

Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter

There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. This has been assigned the CVE identifier CVE-2022-44566. Versions Affected: All. Not affected: None. Fixed Versions: 6.1.7.1, 7.0.4.1 Impact In ActiveRecord 7.0.4.1 and 6.1.7.1, when a value outsid...

7.5CVSS7.4AI score0.01265EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2023/01/18 12:0 a.m.•46 views

Open Redirect Vulnerability in Action Pack

There is a vulnerability in Action Controller’s redirectto. This vulnerability has been assigned the CVE identifier CVE-2023-22797. Versions Affected: = 7.0.0 Not affected: 7.0.0 Fixed Versions: 7.0.4.1 Impact There is a possible open redirect when using the redirectto helper with untrusted user...

6.1CVSS6.6AI score0.00595EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/04/29 12:0 a.m.•46 views

Potential XSS vulnerability in jQuery

Impact Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. Patches This problem is patched in jQuery 3.5.0. Workarounds To workaround the issue without upgrading, adding the...

6.9CVSS6.8AI score0.99019EPSS
Exploits7References1Affected Software1
RubySec
RubySec
•added 2017/05/09 12:0 a.m.•46 views

Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29

nokogiri version 1.7.2 has been released. This is a security update based on 1.7.1, addressing two upstream libxslt 1.1.29 vulnerabilities classified as "Medium" by Canonical and given a CVSS3 score of "6.5 Medium" and "8.8 High" by RedHat. These patches only apply when using Nokogiri's vendored...

9.3CVSS8.6AI score0.04147EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/01/08 12:0 a.m.•46 views

CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack

activesupport/coreext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...

7.5CVSS6.3AI score0.99449EPSS
Exploits21References1Affected Software1
RubySec
RubySec
•added 2011/08/31 12:0 a.m.•46 views

CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

7AI score0.73327EPSS
Exploits4References1Affected Software1
RubySec
RubySec
•added 2026/04/02 12:0 a.m.•45 views

Rack's multipart parsing without Content-Length header allows unbounded chunked file uploads

Summary Rack::Multipart::Parser only wraps the request body in a BoundedIO when CONTENTLENGTH is present. When a multipart/form-data request is sent without a Content-Length header, such as with HTTP chunked transfer encoding, multipart parsing continues until end-of-stream with no total size...

7.5CVSS5.9AI score0.00369EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2024/06/04 12:0 a.m.•45 views

Missing security headers in Action Pack on non-HTML responses

Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: = 6.1.0 Not affected: 6.1.0 Fixed Versions: 6.1.7.8,...

9.8CVSS5.3AI score0.00658EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/08/18 12:0 a.m.•45 views

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in puma

Impact Prior to version 6.3.1, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. The following vulnerabilities are addressed by this advisory: - Incorrect parsing of trailing fields ...

9.8CVSS6.9AI score0.00738EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/03/03 12:0 a.m.•45 views

HTTP Response Splitting (Early Hints) in Puma

Impact If an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting...

7.5CVSS6.4AI score0.02549EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/11/16 12:0 a.m.•45 views

gollum and gollum-lib allow remote authenticated users to execute arbitrary code

The gollum-gritadapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1 when the string master is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags...

8.8CVSS7AI score0.02292EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/08/22 12:0 a.m.•45 views

Archive-Tar-Minitar Directory Traversal Vulnerability

Minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. Analogous vulnerabilities for unzip and tar: https://www.cvedetails.com/cve/CVE-2001-1268/ and http://www.cvedetails.com/cve/CVE-2001-1267/ Credit: ecneladis...

7.5CVSS4.5AI score0.04742EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2013/06/27 12:0 a.m.•45 views

CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client

The OpenSSL::SSL.verifycertificateidentity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows...

6.8CVSS8.5AI score0.02767EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2012/10/12 12:0 a.m.•45 views

CVE-2012-4522 ruby: unintentional file creation caused by inserting an illegal NUL character

The rbgetpathcheck function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path...

5CVSS5.6AI score0.02204EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2012/03/01 12:0 a.m.•45 views

CVE-2012-1098 rubygem-activesupport: XSS in SafeBuffer#[] (unescaped safe buffers can be marked as safe)

Cross-site scripting XSS vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods...

4.3CVSS4AI score0.02113EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2024/04/23 12:0 a.m.•44 views

Arbitrary memory address read vulnerability with Regex search

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. We recommend to update the Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby...

6.6CVSS7.3AI score0.00629EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/03 12:0 a.m.•44 views

sinatra does not validate expanded path matches

Sinatra before 2.2.0 does not validate that the expanded path matches publicdir when serving static files...

7.5CVSS2.3AI score0.02059EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/11 12:0 a.m.•44 views

XML Injection in Xerces Java affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...

7.1CVSS1.2AI score0.0444EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/02/12 12:0 a.m.•44 views

libxml2 2.9.10 has an infinite loop in a certain end-of-file situation

Nokogiri has backported the patch for CVE-2020-7595 into its vendored version of libxml2, and released this as v1.10.8 CVE-2020-7595 has not yet been addressed in an upstream libxml2 release, and so Nokogiri versions = v1.10.7 are vulnerable...

7.5CVSS7.8AI score0.07627EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2019/10/31 12:0 a.m.•44 views

Nokogiri gem, via libxslt, is affected by multiple vulnerabilities

Nokogiri v1.10.5 has been released. This is a security release. It addresses three CVEs in upstream libxml2, for which details are below. If you're using your distro's system libraries, rather than Nokogiri's vendored libraries, there's no security need to upgrade at this time, though you may wan...

7.5CVSS0.06457EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2018/03/28 12:0 a.m.•44 views

HTTP response splitting in WEBrick

There is an HTTP response splitting vulnerability in WEBrick bundled with Ruby. If a script accepts an external input and outputs it without modification as a part of HTTP responses, an attacker can use newline characters to deceive the clients that the HTTP response header is stopped at there, a...

5.3CVSS6.7AI score0.0576EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/01/25 12:0 a.m.•44 views

Object leak vulnerability for wildcard controller routes in Action Pack

There is an object leak vulnerability for wildcard controllers in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2015-7581. Versions Affected: = 4.0.0 and 5.0.0.beta1 Not affected: 4.0.0, 5.0.0.beta1 and newer Fixed Versions: 4.2.5.1, 4.1.14.1 Impact ------ Users that ha...

7.5CVSS2.5AI score0.06535EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2014/03/26 12:0 a.m.•44 views

CVE-2014-2525 libyaml: heap-based buffer overflow when parsing URLs

Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...

6.8CVSS7.6AI score0.09264EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2023/06/29 12:0 a.m.•43 views

ReDoS vulnerability in URI

We have released the uri gem version 0.12.2, 0.10.3 that has a security fix for a ReDoS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2023-36617. Details A ReDoS issue was discovered in the URI component through 0.12.1 for Ruby. The URI parser mishandles invalid URLs...

5.3CVSS7AI score0.01698EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/06/26 12:0 a.m.•43 views

Possible XSS via User Supplied Values to redirect_to

The redirectto method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been...

4CVSS6.7AI score0.00332EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2022/02/24 12:0 a.m.•43 views

CVE-2022-25857 jruby/psych/snakeyaml: Denial of Service (DoS) due missing to nested depth limitation for collections

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections. This package is bundled into Psych which is in turn bundled into jruby...

7.5CVSS7.6AI score0.02191EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2022/02/15 12:0 a.m.•43 views

Hub Package Arbitrary File Overwrite

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...

3.6CVSS6.8AI score0.00387EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/11/13 12:0 a.m.•43 views

Remote code execution in dependabot-core branch names when cloning

Impact Remote code execution vulnerability in dependabot-common and dependabot-gomodules when a source branch name contains malicious injectable bash code. For example, if Dependabot is configured to use the following source branch name: "/$curl,127.0.0.1", Dependabot will make a HTTP request to...

8.8CVSS7.6AI score0.02935EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2019/02/15 12:0 a.m.•43 views

XSS vulnerability in bootstrap-sass

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.3AI score0.1686EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2018/09/13 12:0 a.m.•43 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041...

6.1CVSS6.1AI score0.04293EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2018/03/28 12:0 a.m.•43 views

Buffer under-read in String#unpack

Stringunpack receives format specifiers as its parameter, and can be specified the position of parsing the data by the specifier @. If a big number is passed with @, the number is treated as the negative value, and out-of-buffer read is occurred. So, if a script accepts an external input as the...

7.5CVSS6.7AI score0.07825EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/02/11 12:0 a.m.•43 views

CVE-2013-0276 rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected

ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attrprotected protection mechanism and modify protected model attributes via a crafted request...

4.3CVSS6.3AI score0.0246EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2013/01/28 12:0 a.m.•43 views

CVE-2013-0333 rubygem-activesupport: json to yaml parsing

lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...

7.5CVSS7AI score0.98582EPSS
Exploits7References1Affected Software1
RubySec
RubySec
•added 2012/10/12 12:0 a.m.•43 views

Ruby Exception#to_s / NameError#to_s Methods Safe Level Security Bypass

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the 1 exctos or 2 nameerrtos API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...

5CVSS4.9AI score0.02619EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2012/08/09 12:0 a.m.•43 views

CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...

4.3CVSS4AI score0.01977EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2011/07/02 12:0 a.m.•43 views

Ruby Random Number Generation Local Denial Of Service Vulnerability

The SecureRandom.randombytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...

5CVSS4.8AI score0.0195EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2007/10/08 12:0 a.m.•43 views

Ruby Net::HTTPS library does not validate server certificate CN

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...

5CVSS4.4AI score0.0187EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2024/11/20 12:0 a.m.•42 views

Password Pusher rate limiter can be bypassed by forging proxy headers

Impact Password Pusher comes with a configurable rate limiter. In versions prior to v1.49.0, the rate limiter could be bypassed by forging proxy headers allowing bad actors to send unlimited traffic to the site potentially causing a denial of service. Patches In v1.49.0, a fix was implemented to...

5.3CVSS6.6AI score0.00522EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/05/13 12:0 a.m.•42 views

Camaleon CMS vulnerable to Stored Cross-site Scripting

In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false...

6.1CVSS2.8AI score0.01049EPSS
Exploits2References1
RubySec
RubySec
•added 2022/02/11 12:0 a.m.•42 views

Possible exposure of information vulnerability in Action Pack

Impact Under certain circumstances response bodies will not be closed, for example a bug in a webserver https://github.com/puma/puma/pull/2812 or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for...

7.4CVSS6.5AI score0.02226EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2021/05/05 12:0 a.m.•42 views

Possible Denial of Service vulnerability in Action Dispatch

There is a possible Denial of Service vulnerability in the Mime type parser of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2021-22902. Versions Affected: = 6.0.0 Not affected: \sMIMEPARAMETER\s\z/ end end...

7.5CVSS4.1AI score0.02791EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/09/29 12:0 a.m.•42 views

Potential HTTP Request Smuggling Vulnerability in WEBrick

WEBrick was too tolerant against an invalid Transfer-Encoding header. This may lead to inconsistent interpretation between WEBrick and some HTTP proxy servers, which may allow the attacker to "smuggle" a request. See CWE-444 in detail...

7.5CVSS3.1AI score0.03849EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2018/04/13 12:0 a.m.•42 views

Moderate severity vulnerability that affects nokogiri

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. References: -...

6.5CVSS7.2AI score0.02706EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/09/14 12:0 a.m.•42 views

Buffer underrun vulnerability in Kernel.sprintf

There is a buffer underrun vulnerability in the sprintf method of Kernel module. If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or th...

9.1CVSS1.6AI score0.09718EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2017/09/14 12:0 a.m.•42 views

Escape sequence injection vulnerability in the Basic authentication of WEBrick

There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. When using the Basic authentication of WEBrick, clients can pass an arbitrary string as the user name. WEBrick outputs the passed user name intact to its log, then an attacker can inject...

9.3CVSS7.4AI score0.16412EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/01/25 12:0 a.m.•42 views

XSS vulnerability in rails-html-sanitizer

There is a XSS vulnerability in Rails::Html::FullSanitizer used by Action View's striptags. This vulnerability has been assigned the CVE identifier CVE-2015-7579. Versions Affected: 1.0.2 Not affected: 1.0.0, 1.0.1 Fixed Versions: 1.0.3 Impact ------ Due to the way that Rails::Html::FullSanitizer...

6.1CVSS0.4AI score0.02587EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2015/12/16 12:0 a.m.•42 views

Unsafe tainted string usage in Fiddle and DL

There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL was reimplemented using Fiddle and libffi. And, about DL, CVE-2009-5147 was fixed at Ruby 1.9.1, but not fixed at other branches, then...

8.4CVSS1.3AI score0.005EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/12/03 12:0 a.m.•42 views

XSS Vulnerability in number_to_currency

There is an XSS vulnerability in the numbertocurrency helper in Ruby on Raile. The numbertocurrency helper allows users to nicely format a numeric value. One of the parameters to the helper unit is not escaped correctly. Applications which pass user controlled data as the unit parameter are...

4.3CVSS3.3AI score0.03171EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1254