Lucene search
+L
RubygemsMost viewed

1255 matches found

RubySec
RubySec
•added 2018/02/27 12:0 a.m.•38 views

Authentication bypass via incorrect XML canonicalization and DOM traversal

ruby-saml prior to version 1.7.0 is vulnerable to an authentication bypass via incorrect XML canonicalization and DOM traversal. Specifically, there are inconsistencies in handling of comments within XML nodes, resulting in incorrect parsing of the inner text of XML nodes such that any inner text...

9.8CVSS4AI score0.02512EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2018/02/19 12:0 a.m.•38 views

Multiple persistent XSS vulnerabilities in Radiant CMS

There are multiple Persistent XSS vulnerabilities in Radiant CMS. They affect Personal Preferences Name and Username and Configuration Site Title, Dev Site Domain, Page Parts, and Page Fields...

5.4CVSS3.3AI score0.00609EPSS
Exploits2References1
RubySec
RubySec
•added 2018/01/29 12:0 a.m.•38 views

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

The version of libxml2 packaged with Nokogiri contains a vulnerability. Nokogiri has mitigated these issue by upgrading to libxml 2.9.5. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause...

7.5CVSS3.3AI score0.05928EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/08/22 12:0 a.m.•38 views

Minitar Directory Traversal Vulnerability

Minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. Analogous vulnerabilities for unzip and tar: https://www.cvedetails.com/cve/CVE-2001-1268/ and http://www.cvedetails.com/cve/CVE-2001-1267/ Credit: ecneladis...

7.5CVSS4.6AI score0.04742EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2016/01/14 12:0 a.m.•38 views

Ember.js XSS Vulnerability with User-Supplied JSON

By default, Ember will escape any values in Handlebars templates that use double curlies value. Developers can specifically opt out of this escaping behavior by passing an instance of SafeString rather than a raw string, which tells Ember that it should not escape the string because the developer...

6.1CVSS1.4AI score0.00816EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2015/04/13 12:0 a.m.•38 views

Ruby OpenSSL Hostname Verification

After reviewing RFC 6125 and RFC 5280, we found multiple violations of matching hostnames and particularly wildcard certificates. Ruby’s OpenSSL extension will now provide a string-based matching algorithm which follows more strict behavior, as recommended by these RFCs. In particular, matching o...

5.9CVSS1.7AI score0.02815EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/03/12 12:0 a.m.•38 views

CVE-2013-2617 rubygem-curl: insufficient URL escaping command injection

lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS7.9AI score0.0442EPSS
Exploits0References1
RubySec
RubySec
•added 2013/02/11 12:0 a.m.•38 views

CVE-2013-0277 rubygem-activerecord: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0

ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML...

10CVSS7.6AI score0.07497EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2013/02/07 12:0 a.m.•38 views

CVE-2013-0262 rubygem-rack: Path sanitization information disclosure

rack/file.rb Rack::File in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATHINFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path...

4.3CVSS6.3AI score0.02952EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/01/13 12:0 a.m.•38 views

CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS

Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."...

4.3CVSS6AI score0.02418EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2012/10/12 12:0 a.m.•38 views

Ruby name_err_mesg_to_str Method Safe Level Security Bypass

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the nameerrmesgtostr API function, which marks the string as tainted, a different vulnerability than...

5CVSS5.2AI score0.02619EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2012/07/26 12:0 a.m.•39 views

CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

The decodecredentials method in actionpack/lib/actioncontroller/metal/httpauthentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging...

5CVSS5.3AI score0.01905EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2023/01/18 12:0 a.m.•37 views

Denial of Service Vulnerability in Rack Content-Disposition parsing

There is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44571. Versions Affected: = 2.0.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 Impact Carefully crafted input...

7.5CVSS4.1AI score0.01503EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/01/17 12:0 a.m.•37 views

Code injection in ruby git

ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648...

8.8CVSS7.3AI score0.0136EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/10/04 12:0 a.m.•37 views

protobuf-java has a potential Denial of Service issue

Summary A potential Denial of Service issue in protobuf-java core and lite was discovered in the parsing procedure for binary and text format data. Input streams containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...

7.5CVSS3.3AI score0.01048EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/20 12:0 a.m.•37 views

SQL injection for certain queries with variables

For some queries, specific variable values can modify the query rather than just the variable. This can occur if: 1. the query's data source uses different escaping than the Rails database OR 2. the query has a variable inside a string literal Since Blazer is designed to run arbitrary queries, th...

7.5CVSS2.6AI score0.00857EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/03/30 12:0 a.m.•37 views

HTTP Request Smuggling in puma

Impact When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...

9.1CVSS0.9AI score0.0214EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2021/05/05 12:0 a.m.•37 views

Possible Information Disclosure / Unintended Method Execution in Action Pack

There is a possible information disclosure / unintended method execution vulnerability in Action Pack which has been assigned the CVE identifier CVE-2021-22885. Versions Affected: = 2.0.0. Not affected: 2.0.0. Fixed Versions: 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 Impact ------ There is a possible...

7.5CVSS2.5AI score0.04195EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/05/28 12:0 a.m.•37 views

Cross-Site Scripting in Kaminari via `original_script_name` parameter

Impact There was a vulnerability in versions of Kaminari that would allow an attacker to inject arbitrary code into pages with pagination links. For example, an attacker could craft pagination links that link to other domain or host:...

6.4CVSS7AI score0.01508EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2020/05/18 12:0 a.m.•37 views

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore

There is potentially unexpected behaviour in the MemCacheStore and RedisCacheStore where, when untrusted user input is written to the cache store using the raw: true parameter, re-reading the result from the cache can evaluate the user input as a Marshalled object instead of plain text. Vulnerabl...

9.8CVSS2.6AI score0.45732EPSS
Exploits5References1Affected Software1
RubySec
RubySec
•added 2018/10/04 12:0 a.m.•37 views

Nokogiri gem, via libxml2, is affected by multiple vulnerabilities

Nokogiri 1.8.5 has been released. This is a security and bugfix release. It addresses two CVEs in upstream libxml2 rated as "medium" by Red Hat, for which details are below. If you're using your distro's system libraries, rather than Nokogiri's vendored libraries, there's no security need to...

7.5CVSS6.7AI score0.043EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/10/24 12:0 a.m.•37 views

Unsafe Query Generation Risk in Ruby on Rails

actionpack/lib/actiondispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended...

6.4CVSS7.1AI score0.046EPSS
Exploits3References1Affected Software1
RubySec
RubySec
•added 2016/06/07 12:0 a.m.•37 views

Denial of service or RCE from libxml2 and libxslt

Nokogiri is affected by series of vulnerabilities in libxml2 and libxslt, which are libraries Nokogiri depends on. It was discovered that libxml2 and libxslt incorrectly handled certain malformed documents, which can allow malicious users to cause issues ranging from denial of service to remote...

7.5CVSS2.7AI score0.04964EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/01/19 12:0 a.m.•37 views

Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2

Nokogiri version 1.6.7.2 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVE: CVE-2015-7499 CVSS v2 Base Score: 5.0 MEDIUM Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent...

5CVSS3.7AI score0.06464EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2013/11/22 12:0 a.m.•37 views

CVE-2013-4164 ruby: heap overflow in floating point parsing

Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a string that is converted to...

6.8CVSS6.1AI score0.34968EPSS
Exploits3References1Affected Software1
RubySec
RubySec
•added 2013/09/24 12:0 a.m.•37 views

CVE-2013-4363 rubygems: version regex algorithmic complexity vulnerability, incomplete CVE-2013-4287 fix

'Algorithmic complexity vulnerability in Gem::Version::ANCHOREDVERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service C...

4.3CVSS6AI score0.03343EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2012/05/29 12:0 a.m.•37 views

Puppet Privilege Escallation

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

6.9CVSS6.9AI score0.00384EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2008/08/08 12:0 a.m.•37 views

Ruby missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6AI score0.13666EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2024/07/11 12:0 a.m.•36 views

Bootstrap Cross-Site Scripting (XSS) vulnerability

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting XSS attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This...

6.2AI score
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/12/24 12:0 a.m.•36 views

ActiveAdmin vulnerable to CSV injection

csvbuilder.rb in ActiveAdmin aka Active Admin before 3.2.0 allows CSV injection...

9.8CVSS7.1AI score0.0095EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/07/05 12:0 a.m.•37 views

Connection confusion in gRPC

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this...

7.5CVSS6.8AI score0.00502EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/04/11 12:0 a.m.•36 views

Denial of Service (DoS) in Nokogiri on JRuby

Summary Nokogiri v1.13.4 updates the vendored org.cyberneko.html library to 1.9.22.noko2 which addresses CVE-2022-24839. That CVE is rated 7.5 High Severity. See GHSA-9849-p7jc-9rmv for more information. Please note that this advisory only applies to the JRuby implementation of Nokogiri = 1.13.4...

7.5CVSS0.3AI score0.02114EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2022/02/11 12:0 a.m.•36 views

Information Exposure with Puma when used with Rails

Impact Prior to puma version 5.6.2, puma may not always call close on the response body. Rails, prior to version 7.0.2.2, depended on the response body being closed in order for its CurrentAttributes implementation to work correctly. From Rails: Under certain circumstances response bodies will no...

8CVSS6.4AI score0.02124EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2021/12/14 12:0 a.m.•36 views

Possible Open Redirect in Host Authorization Middleware

There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...

6.1CVSS6.4AI score0.04182EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2021/12/08 12:0 a.m.•36 views

Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile

In bundler versions before 2.2.33, when working with untrusted and apparently harmless Gemfile's, it is not expected that they lead to execution of external code, unless that's explicit in the ruby code inside the Gemfile itself. However, if the Gemfile includes gem entries that use the git optio...

9.3CVSS8AI score0.02796EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/05/05 12:0 a.m.•36 views

Possible DoS Vulnerability in Action Controller Token Authentication

There is a possible DoS vulnerability in the Token Authentication logic in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2021-22904. Versions Affected: = 4.0.0 Not affected: 4.0.0 Fixed Versions: 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 Impact ------ Impacted code uses...

7.5CVSS4.4AI score0.04808EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2021/02/10 12:0 a.m.•36 views

Possible Open Redirect in Host Authorization Middleware

There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22881. Versions Affected: = 6.0.0 Not affected: a-z0-9.-+|\a-f0-9:a-f0-9.:+\ :\d+? \z /x originhost = validhost.match...

6.1CVSS3.6AI score0.87301EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2020/05/18 12:0 a.m.•36 views

CSRF Vulnerability in rails-ujs

There is an vulnerability in rails-ujs that allows attackers to send CSRF tokens to wrong domains. Versions Affected: rails = 5.2.4.3, rails = 6.0.3.1 Impact ------ This is a regression of CVE-2015-1840. In the scenario where an attacker might be able to control the href attribute of an anchor ta...

6.5CVSS2AI score0.04397EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2020/04/29 12:0 a.m.•36 views

Potential XSS vulnerability in jQuery

Impact Passing HTML containing elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. Workarounds To workaround this issue without upgrading, use DOMPurify with its SAFEFORJQUERY option...

6.9CVSS7AI score0.8383EPSS
Exploits6References1Affected Software1
RubySec
RubySec
•added 2019/02/15 12:0 a.m.•36 views

XSS vulnerability in bootstrap

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.3AI score0.1686EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2018/09/13 12:0 a.m.•36 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041...

6.1CVSS6.1AI score0.04293EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2017/11/10 12:0 a.m.•36 views

Stored XSS in "geminabox" via injection in Gemspec "homepage" value

Stored cross-site scripting XSS vulnerability in "geminabox" Gem in a Box allows attackers to inject arbitrary web script via a crafted JavaScript URL in the "homepage" value of a ".gemspec" file. A ".gemspec" file must be created with a JavaScript URL in the homepage value. This can be used to...

6.1CVSS1.1AI score0.01084EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2017/10/24 12:0 a.m.•36 views

High severity vulnerability that affects thin

lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header...

7.5CVSS6.8AI score0.01382EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2016/01/25 12:0 a.m.•36 views

Possible Information Leak Vulnerability in Action View

There is a possible directory traversal and information leak vulnerability in Action View. This vulnerability has been assigned the CVE identifier CVE-2016-0752. Versions Affected: All. Not affected: None. Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1 Impact ------ Applications that...

7.5CVSS2.3AI score0.95537EPSS
Exploits11References1Affected Software1
RubySec
RubySec
•added 2015/04/29 12:0 a.m.•36 views

rest-client ruby gem logs sensitive information

REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...

2.1CVSS2.5AI score0.00373EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2014/09/27 12:0 a.m.•36 views

i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS

i18n Gem for Ruby contains a flaw in the Hashslice function in lib/i18n/coreext/hash.rb that is triggered when calling a hash when :somekey is in keepkeys but not in the hash. This may allow an attacker to cause the program to crash...

7.5CVSS1.8AI score0.0339EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2012/10/05 12:0 a.m.•36 views

Ruby incomplete fix for CVE-2011-1005 for NameError#to_s method when used on objects

The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameErrortos method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005...

5CVSS5.2AI score0.02772EPSS
Exploits2References1Affected Software1
RubySec
RubySec
•added 2008/08/08 12:0 a.m.•36 views

Ruby multiple insufficient safe mode restrictions

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

7.5CVSS5.8AI score0.14085EPSS
Exploits1References1Affected Software1
RubySec
RubySec
•added 2024/03/21 12:0 a.m.•35 views

Buffer overread vulnerability in StringIO

An issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. This vulnerability is not affected...

9.8CVSS7AI score0.02364EPSS
Exploits0References1Affected Software1
RubySec
RubySec
•added 2023/03/31 12:0 a.m.•35 views

Ruby Time component ReDos issue

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

5.3CVSS6.8AI score0.02452EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1255