Lucene search
+L
RubygemsMost viewed

1255 matches found

RubySec
RubySec
added 2017/08/29 12:0 a.m.29 views

RubyGems DNS request hijacking vulnerability

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to down load and install gems from a server that the attacker controls...

8.1CVSS4.5AI score0.0475EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2016/08/11 12:0 a.m.29 views

Possible XSS Vulnerability in Action View

There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers. Impact ------ Text declared as "HTML safe" when passed as an attribute value to a tag helper will not have quotes escaped which can lead to...

6.1CVSS1.6AI score0.03438EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2016/02/29 12:0 a.m.29 views

Possible remote code execution vulnerability in Action Pack

There is a possible remote code execution vulnerability in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2016-2098. Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x Not affected: 5.0+ Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2 Impact ------ Applications that pass unverifi...

7.5CVSS3.4AI score0.81445EPSS
Exploits7References1Affected Software1
RubySec
RubySec
added 2015/11/23 12:0 a.m.29 views

Phusion Passenger Server allows to overwrite headers in some cases

It is possible in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. Passenger 5 uses an SCGI-inspired format to pass headers to Ruby/Python applications, while Passenger 4 uses an SCGI-inspired format to pass headers to all applications...

4.3CVSS6.8AI score0.02364EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2014/10/30 12:0 a.m.29 views

Arbitrary file existence disclosure in Action Pack

Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether or not the file exists...

4.3CVSS4.6AI score0.03457EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2013/12/03 12:0 a.m.29 views

Denial of Service Vulnerability in Action View

There is a denial of service vulnerability in the header handling component of Action View...

5CVSS2.4AI score0.207EPSS
Exploits2References1Affected Software1
RubySec
RubySec
added 2013/10/22 12:0 a.m.29 views

Cocaine Gem for Ruby contains a flaw

Cocaine Gem for Ruby contains a flaw that is due to the method of variable interpolation used by the program. With a specially crafted object, a context-dependent attacker can execute arbitrary commands...

6.8CVSS4.3AI score0.01453EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2013/09/09 12:0 a.m.29 views

CVE-2013-4287 rubygems: version regex algorithmic complexity vulnerability

Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...

4.3CVSS5.9AI score0.03343EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2013/01/14 12:0 a.m.29 views

httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

httparty Gem for Ruby contains a flaw that is triggered when a type casting error occurs during the parsing of parameters. This may allow a context-dependent attacker to potentially execute arbitrary code...

7.5CVSS7.3AI score0.0441EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2011/12/27 12:0 a.m.29 views

CVE-2011-4838 jruby: hash table collisions DoS (oCERT-2011-003)

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table...

5CVSS6.1AI score0.0436EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2011/03/01 12:0 a.m.29 views

Ruby memory corruption in BigDecimal on 64bit platforms

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...

6.8CVSS6.2AI score0.03025EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2008/06/20 12:0 a.m.29 views

CVE-2008-2726 ruby: integer overflow in rb_ary_splice/update/replace() - beg + rlen

Integer overflow in the 1 rbarysplice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and 2 the rbaryreplace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg +...

7.8CVSS6.7AI score0.03759EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2025/02/26 12:0 a.m.28 views

CVE-2025-27221 - userinfo leakage in URI#join, URI#merge and URI#+.

There is a possibility for userinfo leakage by in the uri gem. This vulnerability has been assigned the CVE identifier CVE-2025-27221. We recommend upgrading the uri gem. Details The methods URIjoin, URImerge, and URI+ retained userinfo, such as user:password, even after the host is replaced. Whe...

5.3CVSS6.9AI score0.00472EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/10/15 12:0 a.m.28 views

Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted header m...

8.7CVSS7.2AI score0.01048EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/08/23 12:0 a.m.28 views

request_store has Incorrect Default Permissions

Impact The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...

7.8CVSS7.6AI score0.00194EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/02/20 12:0 a.m.28 views

Cross-site scripting (XSS) in the dynamic file uploads

Impact The dynamic file upload feature is subject to potential XSS attach in case the attacker manages to modify the file names of the records being uploaded to the server. This appears in sections where the user controls the file upload dialogs themselves and has the technical knowledge to chang...

6.3CVSS6AI score0.00493EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2023/05/01 12:0 a.m.28 views

Race Condition leading to logging errors

In certain setups with threaded web servers, Audited's use of Thread.current can incorrectly attributed audits to the wrong user. Fixed in 5.3.3. In March, @convisoappsec noticed that the library in question had a Race Condition problem, which caused logs to be registered at times with different...

3.1CVSS7AI score0.00494EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2023/04/20 12:0 a.m.28 views

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay

Impact A payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If t...

7.1CVSS6.5AI score0.0045EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/05/23 12:0 a.m.28 views

Improper Handling of Unexpected Data Type in Nokogiri

Summary Nokogiri = 1.13.6. JRuby users are not affected. Workarounds To avoid this vulnerability in affected applications, ensure the untrusted input is a String by calling tos or equivalent...

8.2CVSS2.8AI score0.03078EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/05/13 12:0 a.m.28 views

katello SQL Injection vulnerability

A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is...

4.3CVSS4.4AI score0.01428EPSS
Exploits0References1
RubySec
RubySec
added 2022/01/07 12:0 a.m.28 views

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are not affected...

7.5CVSS6.6AI score0.01655EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/24 12:0 a.m.28 views

Buffer Overrun in CGI.escape_html

A security vulnerability that causes buffer overflow when you pass a very large string 700 MB to CGI.escapehtml on a platform where long type takes 4 bytes, typically, Windows. Please update the cgi gem to version 0.3.1, 0.2.1, and 0.1.1 or later. You can use gem update cgi to update it. If you a...

9.8CVSS7.2AI score0.04766EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/18 12:0 a.m.28 views

Authentication Bypass by CSRF Weakness

Impact CSRF vulnerability that allows user account takeover. All applications using any version of the frontend component of solidusauthdevise are affected if protectfromforgery method is both: - Executed whether as: - A beforeaction callback the default - A prependbeforeaction option prepend: tr...

9.3CVSS6.7AI score0.00609EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/01/11 12:0 a.m.28 views

Injection/XSS in Redcarpet

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escapehtml opti...

6.8CVSS2.5AI score0.0157EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2020/12/08 12:0 a.m.28 views

omniauth-apple allows attacker to fake their email address during authentication

Impact This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other...

7.7CVSS7AI score0.01322EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2019/01/17 12:0 a.m.28 views

XSS vulnerability that affects bootstrap

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS6.1AI score0.03835EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2019/01/17 12:0 a.m.28 views

XSS vulnerability that affects bootstrap

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS6.1AI score0.03835EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2018/06/12 12:0 a.m.28 views

Null pointer dereference in mrb_class_real

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

7.5CVSS6.9AI score0.02119EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2018/03/19 12:0 a.m.28 views

HTML injection/XSS in Sanitize

When Sanitize gem is used in combination with libxml2 = 2.9.2, a specially crafted HTML fragment can cause libxml2 to generate improperly escaped output, allowing non-whitelisted attributes to be used on whitelisted elements. This can allow HTML and JavaScript injection, which could result in XSS...

7.5CVSS1.9AI score0.0152EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2017/10/24 12:0 a.m.28 views

Cross-site Scripting in jquery-ui

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

6.1CVSS6AI score0.18351EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2017/10/24 12:0 a.m.28 views

Filter Skipping Vulnerability in Ruby on Rails 3.0/actionpack

The template selection functionality in actionpack/lib/actionview/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which allows remote attackers to render arbitrary views via a crafted URL, related to a "filter skipping...

5CVSS6.7AI score0.01813EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2016/08/11 12:0 a.m.28 views

Possible XSS Vulnerability in Action View

There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers. Impact ------ Text declared as "HTML safe" when passed as an attribute value to a tag helper will not have quotes escaped which can lead to...

6.1CVSS1.6AI score0.03438EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2016/01/25 12:0 a.m.28 views

Possible XSS vulnerability in rails-html-sanitizer

There is a possible XSS vulnerability in rails-html-sanitizer. This vulnerability has been assigned the CVE identifier CVE-2015-7578. Versions Affected: All. Not affected: None. Fixed Versions: 1.0.3 Impact ------ There is a possible XSS vulnerability in rails-html-sanitizer. Certain attributes a...

6.1CVSS3.6AI score0.02485EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2016/01/25 12:0 a.m.28 views

Possible XSS vulnerability in rails-html-sanitizer

There is a possible XSS vulnerability in the white list sanitizer in the rails-html-sanitizer gem. This vulnerability has been assigned the CVE identifier CVE-2015-7580. Versions Affected: All. Not affected: None. Fixed Versions: v1.0.3 Impact ------ Carefully crafted strings can cause user input...

6.1CVSS1.4AI score0.02196EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2015/06/16 12:0 a.m.28 views

CSRF Vulnerability in jquery-rails

In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" note the leading space that will be passed to JQuery, who will s...

5CVSS6.3AI score0.04397EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2013/12/14 12:0 a.m.28 views

CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits...

6.5CVSS6.4AI score0.02194EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2013/12/02 12:0 a.m.28 views

sprout Gem for Ruby archive_unpacker.rb unpack_zip() Function Multiple Parameter Arbitrary Code Execution

sprout Gem for Ruby contains a flaw in the unpackzip function in archiveunpacker.rb. The issue is due to the program failing to properly sanitize input passed via the 'zipfile', 'dir', 'zipname', and 'output' parameters. This may allow a context-dependent attacker to execute arbitrary code...

7.5CVSS7AI score0.01971EPSS
Exploits1References1
RubySec
RubySec
added 2013/03/19 12:0 a.m.28 views

XML Parsing Vulnerability affecting JRuby users

The ActiveSupport XML parsing functionality supports multiple pluggable backends. One backend supported for JRuby users is ActiveSupport::XmlMiniJDOM which makes use of the javax.xml.parsers.DocumentBuilder class. In some JVM configurations the default settings of that class can allow an attacker...

5.8CVSS4.2AI score0.02054EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2012/04/20 12:0 a.m.28 views

CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

5.8CVSS6AI score0.02477EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2008/08/14 12:0 a.m.28 views

Ruby Memory allocation failure in Ruby regex engine (remotely exploitable DoS)

The regular expression engine regex.c in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service infinite loop and crash via multiple long requests to a Ruby socket, related to memory allocation failure...

5CVSS6.6AI score0.15678EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2008/06/20 12:0 a.m.28 views

CVE-2008-2663 ruby: Integer overflows in rb_ary_store()

Multiple integer overflows in the rbarystore function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than...

10CVSS6.6AI score0.04456EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2025/03/14 12:0 a.m.27 views

Camaleon CMS Vulnerable to Privilege Escalation through a Mass Assignment

A Privilege Escalation through a Mass Assignment exists in Camaleon CMS When a user wishes to change his password, the 'updatedajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without a...

9.4CVSS7AI score0.0058EPSS
Exploits17References1Affected Software1
RubySec
RubySec
added 2024/10/01 12:0 a.m.27 views

Decidim has a cross-site scripting vulnerability in the version control page

Impact The version control feature used in resources is subject to potential cross-site scripting XSS attack through a malformed URL. Workarounds Not available References OWASP ASVS v4.0.3-5.1.3 Credits This issue was discovered in a security audit organized by Open Source Politics against Decidi...

7.1CVSS6.1AI score0.004EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/05/27 12:0 a.m.27 views

Denial of Service in rack-contrib via "profiler_runs" parameter

rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service via the profilerruns HTTP request parameter. Versions Affected: = 2.5.0 Impact An attacker can trigger a Denial of Service by sending an HTTP request with an overly large profilerruns parameter. shell curl...

8.6CVSS6.9AI score0.00662EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/01/16 12:0 a.m.27 views

avo vulnerable to stored cross-site scripting (XSS) in key_value field

Summary A stored cross-site scripting XSS vulnerability was found in the keyvalue field of Avo v3.2.3. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. Details The value of the keyvalue is inserted directly into the HTML code. In the current...

7.3CVSS6.4AI score0.00745EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2023/09/14 12:0 a.m.27 views

sidekiq Denial of Service vulnerability

Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service DoS due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests...

7.5CVSS6.8AI score0.0075EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2023/07/06 12:0 a.m.27 views

gRPC Reachable Assertion issue

There exists an vulnerability causing an abort to be called in gRPC. The following headers cause gRPC's C++ implementation to abort when called via http2: te: x x != trailers :scheme: x x != http, https grpclbclientstats: x x == anything On top of sending one of those headers, a later header must...

7.5CVSS6.7AI score0.00412EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2023/02/24 12:0 a.m.27 views

Code injection in pdf_info

pdfinfo 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initalization there is no validation performed and the user provided path is used...

9.8CVSS3.9AI score0.03014EPSS
Exploits2References1
RubySec
RubySec
added 2022/10/07 12:0 a.m.27 views

Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint

Impact An authenticated user can perform a remote Denial of Service attack against Fat Free CRM. This vulnerability has been assigned the CVE identifier: CVE-2022-39281 Affected versions: All Not affected: None Fixed versions: 0.20.1 All users running an affected release should either upgrade or...

6.5CVSS5.2AI score0.01414EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/05/24 12:0 a.m.27 views

Nokogiri affected by libxslt Use of Uninitialized Resource/ Use After Free vulnerability

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...

7.5CVSS6.9AI score0.04446EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1255