Lucene search
+L
RubygemsRecent

1255 matches found

RubySec
RubySec
added 2022/02/09 12:0 a.m.11 views

Business Logic Errors in Publify

Publify formerly known as Typo prior to version 9.2.7 is vulnerable to business logic errors...

7.5CVSS3.6AI score0.01567EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/09 12:0 a.m.17 views

Out-of-bounds Read in mruby/mruby

Out-of-bounds Read in Homebrew mruby prior to 3.2...

9.1CVSS6.8AI score0.01153EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/02/04 12:0 a.m.22 views

NULL Pointer Dereference in mruby/mruby

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

7.8CVSS6.8AI score0.00918EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/27 12:0 a.m.29 views

Denial of service in sidekiq

In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users...

7.5CVSS3.8AI score0.05258EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/21 12:0 a.m.17 views

NULL Pointer Dereference in mruby/mruby

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

5.5CVSS6.8AI score0.0081EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/17 12:0 a.m.16 views

NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference...

7.5CVSS6.9AI score0.00963EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/14 12:0 a.m.5 views

An untrusted pointer dereference in mrb_vm_exec() of mruby 3.0.0

An untrusted pointer dereference in mrbvmexec of mruby v3.0.0 can lead to a segmentation fault or application crash. PATCH INFO - Mruby 5613 described the issue and Matz cited 5619 and 5620 as "been addressed" on 2/16/2022. - Found the 5619 commit on 12/31/2021 in 3.1.0-rc release. - Found the 56...

7.5CVSS5.9AI score0.01037EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/07 12:0 a.m.28 views

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are not affected...

7.5CVSS6.6AI score0.01655EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/06 12:0 a.m.8 views

Regular Expression Denial of Service (ReDoS) in lodash

All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. Steps to reproduce provided by reporter Liyuan Chen: var lo = require'lodash'; function buildblankn var ret = "1" for var i = 0; i n; i++ ret ...

5.3CVSS7AI score0.07336EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/06 12:0 a.m.17 views

CSRF forgery protection bypass in solidus_frontend

Impact CSRF vulnerability that allows a malicious site to add an item to the user's cart without their knowledge. All solidusfrontend versions are affected. If you're using your own storefront, please, follow along to make sure you're not affected. To reproduce the issue: - Pick the id for a...

5.3CVSS5.1AI score0.00575EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2022/01/02 12:0 a.m.13 views

Heap-based Buffer Overflow in mruby/mruby

mruby is vulnerable to Heap-based Buffer Overflow...

9.8CVSS6.9AI score0.0141EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/30 12:0 a.m.16 views

NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference...

7.5CVSS6.9AI score0.00856EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/17 12:0 a.m.18 views

Path traversal when MessageBus::Diagnostics is enabled

Impact Users who deployed message bus with diagnostics features enabled default off were vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user were to gain access to the diagnostic route. The impact is also greater if there is ...

6.5CVSS7AI score0.01869EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/12/15 12:0 a.m.26 views

NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference...

9.1CVSS6.9AI score0.01621EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/14 12:0 a.m.36 views

Possible Open Redirect in Host Authorization Middleware

There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...

6.1CVSS6.4AI score0.04182EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/12/08 12:0 a.m.36 views

Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile

In bundler versions before 2.2.33, when working with untrusted and apparently harmless Gemfile's, it is not expected that they lead to execution of external code, unless that's explicit in the ruby code inside the Gemfile itself. However, if the Gemfile includes gem entries that use the git optio...

9.3CVSS8AI score0.02796EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/08 12:0 a.m.34 views

Improper Privilege Management in devise_masquerade

The devisemasquerade gem before 1.3 allows certain attacks when a password's salt is unknown. An application that uses this gem to let administrators masquerade/impersonate users loses one layer of security protection compared to a situation where Devise without this extension is used. If the...

8.1CVSS2.5AI score0.0121EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/07 12:0 a.m.20 views

ReDos vulnerability on guest checkout email validation

Impact Denial of service vulnerability that could be exploited during a guest checkout. The regular expression used to validate a guest order's email was subject to exponential backtracking through a fragment like a.a.. Before the patch, it can be reproduced in the console like this: ruby irbmain...

7.5CVSS1.6AI score0.01403EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/12/02 12:0 a.m.25 views

Silent Configuration Failure in Puppet Agent

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'...

6.5CVSS3.3AI score0.01149EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/12/02 12:0 a.m.53 views

Unsafe HTTP Redirect in Puppet Agent and Puppet Server

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007...

9.8CVSS0.3AI score0.01328EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/24 12:0 a.m.67 views

Cookie Prefix Spoofing in CGI::Cookie.parse

The old versions of CGI::Cookie.parse applied URL decoding to cookie names. An attacker could exploit this vulnerability to spoof security prefixes in cookie names, which may be able to trick a vulnerable application. By this fix, CGI::Cookie.parse no longer decodes cookie names. Note that this i...

7.5CVSS6.3AI score0.02931EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/24 12:0 a.m.28 views

Buffer Overrun in CGI.escape_html

A security vulnerability that causes buffer overflow when you pass a very large string 700 MB to CGI.escapehtml on a platform where long type takes 4 bytes, typically, Windows. Please update the cgi gem to version 0.3.1, 0.2.1, and 0.1.1 or later. You can use gem update cgi to update it. If you a...

9.8CVSS7.2AI score0.04766EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/18 12:0 a.m.29 views

Authentication Bypass by CSRF Weakness

Impact CSRF vulnerability that allows user account takeover. All applications using any version of the frontend component of spreeauthdevise are affected if protectfromforgery method is both: Executed whether as: A beforeaction callback the default A prependbeforeaction option prepend: true given...

9.3CVSS6.7AI score0.0052EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/18 12:0 a.m.28 views

Authentication Bypass by CSRF Weakness

Impact CSRF vulnerability that allows user account takeover. All applications using any version of the frontend component of solidusauthdevise are affected if protectfromforgery method is both: - Executed whether as: - A beforeaction callback the default - A prependbeforeaction option prepend: tr...

9.3CVSS6.7AI score0.00609EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/17 12:0 a.m.4 views

Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML

Affected packages The vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 Advanced Content Filter ACF core module. The vulnerability allowed to inject malforme...

8.2CVSS6.9AI score0.01257EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/17 12:0 a.m.6 views

HTML comments vulnerability allowing to execute JavaScript code

Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed comments HTML...

8.2CVSS6.9AI score0.0147EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/15 12:0 a.m.25 views

Regular Expression Denial of Service Vulnerability of Date Parsing Methods

Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected. The fix limits the input length up to 128 bytes by default...

7.5CVSS6.7AI score0.03222EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/11/15 12:0 a.m.20 views

Secure/signed cookies share secrets between sites in a multi-site application

Impact This vulnerability impacts any Rails applications using railsmultisite alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application...

8.8CVSS6.8AI score0.00608EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/03 12:0 a.m.14 views

Improper Authorization in Publify

In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. guest role users can self-register even when the admin does not allow. This happens due to front-end restriction only...

6.8AI score0.008EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/03 12:0 a.m.20 views

Improper Authorization in Publify

In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. guest role users can self-register even when the admin does not allow. This happens due to front-end restriction only...

6.5CVSS4.1AI score0.008EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/11/01 12:0 a.m.20 views

ReDoS vulnerability in parser_apache2

Impact parserapache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service ReDoS vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. Patches v1.14.2...

7.5CVSS6.7AI score0.02004EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/10/26 12:0 a.m.22 views

XSS in `*Text` options of the Datepicker widget in jquery-ui

Impact Accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: js $"datepicker".datepicker showButtonPanel: true, showOn: "both", closeText: "doEvilThing'closeText XSS'",...

6.5CVSS6.8AI score0.07948EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/10/26 12:0 a.m.38 views

XSS in the `of` option of the `.position()` util in jquery-ui

Impact Accepting the value of the of option of the .position util from untrusted sources may execute untrusted code. For example, invoking the following code: js $"element".position my: "left top", at: "right bottom", of: "", collision: "none" ; will call the doEvilThing function. Patches The iss...

6.5CVSS6.8AI score0.44515EPSS
Exploits2References1Affected Software1
RubySec
RubySec
added 2021/10/26 12:0 a.m.17 views

XSS in the `altField` option of the Datepicker widget in jquery-ui

Impact Accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: js $"datepicker".datepicker altField: "", ; will call the doEvilThing function. Patches The issue is fixed i...

6.5CVSS6.8AI score0.42229EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/10/13 12:0 a.m.5 views

Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space in the Autolink plugin...

6.5CVSS7.2AI score0.02223EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/10/12 12:0 a.m.34 views

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma

Impact Prior to puma version 5.5.0, using puma with a proxy which forwards LF characters as line endings could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. This behavior forwarding LF character...

3.7CVSS6.8AI score0.01119EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/10/06 12:0 a.m.20 views

Remote code execution in ruby-jss

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing...

9.8CVSS7.3AI score0.02603EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/10/06 12:0 a.m.16 views

Cross-site Scripting in Sidekiq

Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used...

6.1CVSS2.9AI score0.04158EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/09/27 12:0 a.m.21 views

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby

Severity The Nokogiri maintainers have evaluated this as High Severity 7.5 CVSS3.0 for JRuby users. This security advisory does not apply to CRuby users. Impact In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who par...

7.5CVSS6.9AI score0.01374EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/09/13 12:0 a.m.27 views

Open Redirect in clearance

This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session:returnto. If the value used for returnto contains multiple leading slashes /////example.com the user ends up being redirected to the external domain that comes after...

7.6CVSS1.1AI score0.00697EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/09/07 12:0 a.m.18 views

Older releases of better_errors open to Cross-Site Request Forgery attack

Impact bettererrors prior to 2.8.0 did not implement CSRF protection for its internal requests. It also did not enforce the correct "Content-Type" header for these requests, which allowed a cross-origin "simple request" to be made without CORS protection. These together left an application with...

8.8CVSS0.8AI score0.00636EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/23 12:0 a.m.5 views

Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.

Affected packages The vulnerability has been discovered in Fake Objects plugin. All plugins with Fake Objects plugin dependency are affected: Fake Objects Link Flash Iframe Forms Page Break Impact A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability...

7.3CVSS7AI score0.01324EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/23 12:0 a.m.6 views

Widget feature vulnerability allowing to execute JavaScript code using undo functionality

Affected packages The vulnerability has been discovered in Widget plugin if used alongside Undo feature. Impact A potential vulnerability has been discovered in CKEditor 4 Widget package. The vulnerability allowed to abuse undo functionality using malformed widget HTML, which could result in...

7.6CVSS7AI score0.01192EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/23 12:0 a.m.7 views

Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionality

Affected packages The vulnerability has been discovered in clipboard plugin. All plugins with clipboard plugin dependency are affected: clipboard pastetext pastetools widget uploadwidget autolink tableselection Impact A potential vulnerability has been discovered in CKEditor 4 Clipboard package...

5.4CVSS7AI score0.01188EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/19 12:0 a.m.35 views

Possible Open Redirect in Host Authorization Middleware

There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942. Versions Affected: = 6.0.0. Not affected: 6.0.0 Fixed Versions: 6.1.4.1, 6.0.4.1 Impact ------ Specially crafted...

6.1CVSS3.5AI score0.0164EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/02 12:0 a.m.35 views

XSS in qiita-markdown

Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...

6.1CVSS3.8AI score0.00774EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/02 12:0 a.m.17 views

Cross-Site Scripting in Qiita::Markdown

Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...

6.1CVSS6.3AI score0.00774EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2021/08/01 12:0 a.m.9 views

imap - StartTLS stripping attack

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

7.4CVSS7AI score0.02909EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/07/13 12:0 a.m.7 views

Trusting FTP PASV responses vulnerability in Net::FTP

A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed e.g., the attacker can conduct port scans and service banner...

5.8CVSS7AI score0.0305EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2021/07/13 12:0 a.m.6 views

Trusting FTP PASV responses vulnerability in Net::FTP

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise...

5.8CVSS7AI score0.0305EPSS
Exploits1References1Affected Software1
Total number of security vulnerabilities1255