Lucene search
+L
RubygemsRecent

1255 matches found

RubySec
RubySec
added 2022/05/05 12:0 a.m.14 views

RubyGem openshift-origin-controller is vulnerable to command injection

'rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection'...

9.8CVSS7AI score0.02498EPSS
Exploits1References1
RubySec
RubySec
added 2022/05/03 12:0 a.m.44 views

sinatra does not validate expanded path matches

Sinatra before 2.2.0 does not validate that the expanded path matches publicdir when serving static files...

7.5CVSS2.3AI score0.02059EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/05/03 12:0 a.m.59 views

CSV-Safe improperly filters special characters potentially leading to CSV injection

CSV-Safe gem 3.0.0 doesn't filter out special characters which could trigger CSV Injection...

9.8CVSS4.5AI score0.01729EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/05/02 12:0 a.m.23 views

Puppet arbitrary files overwrite via a symlink attack

Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/daemonout, 2 /tmp/puppetdoc.txt, 3 /tmp/puppetdoc.tex, or 4 /tmp/puppetdoc.aux temporary file...

3.3CVSS7.1AI score0.00325EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/05/01 12:0 a.m.21 views

Mongrel vulnerable to directory traversal via double-encoded sequences

Directory traversal vulnerability in DirHandler lib/mongrel/handlers.rb in Mongrel 1.0.4 1.0.3 and prior are not affected and 1.1.x before 1.1.3 allows remote attackers to read arbitrary files via an HTTP request containing double-encoded sequences .%252e...

6.4CVSS7AI score0.03003EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/27 12:0 a.m.82 views

Possible XSS Vulnerability in Action Pack

There is a possible XSS vulnerability in Rails / Action Pack. This vulnerability has been assigned the CVE identifier CVE-2022-22577. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1 Impact CSP headers were only sent along with responses that Rails...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/26 12:0 a.m.29 views

Possible XSS Vulnerability in Action View tag helpers

There is a possible XSS vulnerability in Action View tag helpers. Passing untrusted input as hash keys can lead to a possible XSS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2022-27777. Versions Affected: ALL Not affected: NONE Fixed Versions: 7.0.2.4, 6.1.5.1,...

6.1CVSS3.2AI score0.01485EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/26 12:0 a.m.16 views

Server side request forgery in gibbon

Gibbon v3.4.3 and below allows attackers to execute a Server-Side Request Forgery SSRF via a crafted URL. This issue has been resolved in version 3.4.4...

9.8CVSS7AI score0.01533EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/23 12:0 a.m.23 views

Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby

Out-of-bounds Read in mrbobjiskindof in in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if being exploited...

7.8CVSS7.1AI score0.00446EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/22 12:0 a.m.18 views

Cross site scripting in rails/actionpack < 3.0.6

A cross-site scripting vulnerability flaw was found in the autolink function in Rails before version 3.0.6...

6.1CVSS6.1AI score0.01243EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/20 12:0 a.m.37 views

SQL injection for certain queries with variables

For some queries, specific variable values can modify the query rather than just the variable. This can occur if: 1. the query's data source uses different escaping than the Rails database OR 2. the query has a variable inside a string literal Since Blazer is designed to run arbitrary queries, th...

7.5CVSS2.6AI score0.00857EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/20 12:0 a.m.26 views

Command injection in ruby-git

The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...

9.8CVSS3.3AI score0.04871EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/12 12:0 a.m.65 views

Double free in Regexp compilation

A double-free vulnerability is discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby. Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same...

9.8CVSS7.2AI score0.02744EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/12 12:0 a.m.98 views

Buffer overrun in String-to-Float conversion

A buffer-overrun vulnerability is discovered in a conversion algorithm from a String to a Float. This vulnerability has been assigned the CVE identifier CVE-2022-28739. We strongly recommend upgrading Ruby. Due to a bug in an internal function that converts a String to a Float, some convertion...

7.5CVSS3.3AI score0.04127EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/11 12:0 a.m.44 views

XML Injection in Xerces Java affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...

7.1CVSS1.2AI score0.0444EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/11 12:0 a.m.64 views

Out-of-bounds Write in zlib affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored zlib from 1.2.11 to 1.2.12, which addresses CVE-2018-25032. That CVE is scored as CVSS 7.4 "High" on the NVD record as of 2022-04-05. Please note that this advisory only applies to the CRuby implementation of Nokogiri = v1.13.4. Impact CVE-2018-25032 ...

7.5CVSS0.3AI score0.52063EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/11 12:0 a.m.36 views

Denial of Service (DoS) in Nokogiri on JRuby

Summary Nokogiri v1.13.4 updates the vendored org.cyberneko.html library to 1.9.22.noko2 which addresses CVE-2022-24839. That CVE is rated 7.5 High Severity. See GHSA-9849-p7jc-9rmv for more information. Please note that this advisory only applies to the JRuby implementation of Nokogiri = 1.13.4...

7.5CVSS0.3AI score0.02114EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/11 12:0 a.m.25 views

Inefficient Regular Expression Complexity in Nokogiri

Summary Nokogiri = 1.13.4...

7.5CVSS2.7AI score0.03549EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/10 12:0 a.m.25 views

Out-of-bounds Read in mrb_get_args in mruby/mruby

Out-of-bounds Read in mrbgetargs in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS7.8AI score0.01476EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/10 12:0 a.m.18 views

heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby

heap-buffer-overflow in mrbvmexec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS7AI score0.01109EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/07 12:0 a.m.30 views

Improper one time password handling in devise-two-factor

Impact As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. Patches This vulnerability has been patched in version 4.0.2 which was released on March...

5.3CVSS2.7AI score0.01782EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/05 12:0 a.m.22 views

Use-After-Free in str_escape in mruby/mruby in mruby/mruby

Use-After-Free in strescape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS7.8AI score0.0168EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/05 12:0 a.m.32 views

Reallocation bug can trigger heap memory corruption

The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. Details The reallocation logic at yajlbuf.cL64 may result in the need 32bit integer wrapping to 0 when need approaches a value of 0x80000000...

7.5CVSS1.2AI score0.03472EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/04/02 12:0 a.m.12 views

Command injection in cocoapods-downloader

The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 are vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocessoptions function and using git, both the git and branch parameters are passed to the git ls-remote subcommand in a...

9.8CVSS7.5AI score0.02713EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/02 12:0 a.m.13 views

Command injection in cocoapods-downloader

The package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. When calling the download function when using hg, the url and/or revision, tag, branch is passed to the hg clone command in a way that additional flags can be set. The additional flags can...

9.8CVSS2.5AI score0.01781EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/04/02 12:0 a.m.30 views

NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby

NULL Pointer Dereference in mrbvmexec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system...

7.1CVSS6.8AI score0.00363EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/03/31 12:0 a.m.17 views

Command Injection vulnerability in asciidoctor-include-ext

Impact Applications using Asciidoctor Ruby with asciidoctor-include-ext prior to version 0.4.0, which render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when allow-uri-read is disable...

10CVSS7.6AI score0.02719EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/03/30 12:0 a.m.37 views

HTTP Request Smuggling in puma

Impact When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...

9.1CVSS0.9AI score0.0214EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/27 12:0 a.m.18 views

Use after free in mrb_vm_exec in mruby/mruby

Use after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2...

9.1CVSS7.4AI score0.01031EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/03/26 12:0 a.m.31 views

Improper Certificate Validation in kubeclient

A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...

8.1CVSS2.9AI score0.00905EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/26 12:0 a.m.17 views

User after free in mrb_vm_exec in mruby/mruby

User after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2...

8.2CVSS7.2AI score0.00906EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/03/24 12:0 a.m.25 views

Missing Authentication for Critical Function in Foreman Ansible

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS2.6AI score0.01031EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/16 12:0 a.m.7 views

Cross-site Scripting in CKEditor4

Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...

5.4CVSS9.1AI score0.0119EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/10 12:0 a.m.20 views

NULL Pointer Dereference in mruby/mruby

NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2...

7.1CVSS6.9AI score0.00814EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/03/08 12:0 a.m.88 views

Possible code injection vulnerability in Rails / Active Storage

There is a possible code injection vulnerability in the Active Storage module of Rails. This vulnerability has been assigned the CVE identifier CVE-2022-21831. Versions Affected: = 5.2.0 Not affected: params:v % Where the transformation method or its arguments are untrusted arbitrary input. All...

9.8CVSS1.7AI score0.02742EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/03 12:0 a.m.28 views

Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption

Impact CommonMarker uses cmark-gfm for rendering Github Flavored Markdown. An integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption when parsing tables who's marker rows contain more than UINT16MAX columns. The impact of this heap corruption ranges from Information...

9.8CVSS7.1AI score0.0145EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/02 12:0 a.m.19 views

XSS via `translate` method of `ViewComponent::Translatable` in view_component gem

This is an XSS vulnerability that has the potential to impact anyone using translations with the viewcomponent gem. Data received via user input and passed as an interpolation argument to the translate method is not properly sanitized before display. Versions 2.31.2 and 2.49.1 have been released...

8.1CVSS3.9AI score0.01075EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/03/01 12:0 a.m.35 views

Remote shell execution vulnerability when applying commands from user input

Impact When using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input, this allows the attacker to execute shell commands: rb ImageProcessing::Vips.apply system: "echo EXECUTED" EXECUTED This method is called internally by Active Stora...

10CVSS7.1AI score0.02595EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/24 12:0 a.m.43 views

CVE-2022-25857 jruby/psych/snakeyaml: Denial of Service (DoS) due missing to nested depth limitation for collections

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections. This package is bundled into Psych which is in turn bundled into jruby...

7.5CVSS7.6AI score0.02191EPSS
Exploits2References1Affected Software1
RubySec
RubySec
added 2022/02/23 12:0 a.m.16 views

Out-of-bounds Read in mruby/mruby

Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...

9.1CVSS6.9AI score0.00921EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/21 12:0 a.m.388 views

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)

Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: vendored libxml2 from v2.9.12 to v2.9.13 vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: libxslt: CVE-2021-30560 CVSS 8.8, High severity libxml2: CVE-2022-23308 Unspecified...

8.8CVSS1AI score0.21623EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/02/19 12:0 a.m.16 views

NULL Pointer Dereference in mruby/mruby

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

5.5CVSS6.8AI score0.00813EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/19 12:0 a.m.17 views

Out-of-bounds Read in mruby/mruby

Out-of-bounds Read in Homebrew mruby prior to 3.2...

7.1CVSS6.8AI score0.00992EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/18 12:0 a.m.16 views

Heap-based Buffer Overflow in mruby/mruby

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...

9.8CVSS6.9AI score0.00922EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/17 12:0 a.m.16 views

Out-of-bounds Read in mruby/mruby

Out-of-bounds Read in Homebrew mruby prior to 3.2...

9.1CVSS6.8AI score0.01637EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/16 12:0 a.m.19 views

Use of Out-of-range Pointer Offset in mruby/mruby

Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2...

8.4CVSS6.9AI score0.00914EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/15 12:0 a.m.43 views

Hub Package Arbitrary File Overwrite

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...

3.6CVSS6.8AI score0.00387EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/14 12:0 a.m.14 views

Heap-based Buffer Overflow in mruby/mruby

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...

9.8CVSS6.9AI score0.01243EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/11 12:0 a.m.36 views

Information Exposure with Puma when used with Rails

Impact Prior to puma version 5.6.2, puma may not always call close on the response body. Rails, prior to version 7.0.2.2, depended on the response body being closed in order for its CurrentAttributes implementation to work correctly. From Rails: Under certain circumstances response bodies will no...

8CVSS6.4AI score0.02124EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2022/02/11 12:0 a.m.42 views

Possible exposure of information vulnerability in Action Pack

Impact Under certain circumstances response bodies will not be closed, for example a bug in a webserver https://github.com/puma/puma/pull/2812 or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for...

7.4CVSS6.5AI score0.02226EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1255