Rubygems: Recent

1230 matches found

RubySec | added 2012/09/25 12:00 a.m. | 22 views

CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

CVSS 5.8 | AI score 6.2 | EPSS 0.02477
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/09/08 12:00 a.m. | 23 views

Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability

The omniauth-oauth2 Ruby Gem contains a flaw that allows an attacker to inject values into a user's session through a CSRF attack...

CVSS 6.8 | AI score 6.8 | EPSS 0.01196
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/08/09 12:00 a.m. | 45 views

CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability

Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character...

CVSS 4.3 | AI score 4 | EPSS 0.02568
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/08/09 12:00 a.m. | 38 views

CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...

CVSS 4.3 | AI score 4 | EPSS 0.01977
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/08/09 12:00 a.m. | 48 views

CVE-2012-3463 rubygem-actionpack: potential XSS vulnerability in select_tag prompt

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper...

CVSS 4.3 | AI score 4.1 | EPSS 0.01306
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/08/08 12:00 a.m. | 15 views

Chef Improper Access Control Vulnerability

chef-server-api/app/controllers/users.rb in the API in Chef before 0.9.0 does not require administrative privileges for the create, destroy, and update methods, which allows remote authenticated users to manage user accounts via requests to the /users URI...

CVSS 6.5 | AI score 7.3 | EPSS 0.01614
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/07/26 12:00 a.m. | 26 views

CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging...

CVSS 5 | AI score 5.3 | EPSS 0.01905
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/06/08 12:00 a.m. | 30 views

CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

Nokogiri before 1.5.4 is vulnerable to XXE attacks...

CVSS 7.5 | AI score 2.4 | EPSS 0.02115
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/06/06 12:00 a.m. | 14 views

rack-cache Rubygem Sensitive HTTP Header Caching Weakness

Rack::Cache (rack-cache) contains a flaw related to the gem caching sensitive HTTP headers. This results in a weakness that may make it easier for an attacker to gain access to a user's session via a specially crafted header...

CVSS 7.5 | AI score 2.4 | EPSS 0.02359
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/05/31 12:00 a.m. | 56 views

CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query parameters

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...

CVSS 5 | AI score 5.3 | EPSS 0.04174
Exploits 2 | References 1 | Affected software 1
RubySec | added 2012/05/31 12:00 a.m. | 44 views

CVE-2012-2660 rubygem-actionpack: Unsafe query generation

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended...

CVSS 6.4 | AI score 7.2 | EPSS 0.046
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/05/29 12:00 a.m. | 28 views

Puppet Privilege Escalation

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

CVSS 6.9 | AI score 6.9 | EPSS 0.00384
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/05/29 12:00 a.m. | 22 views

Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

CVSS 3.3 | AI score 6.9 | EPSS 0.0035
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/05/04 12:00 a.m. | 23 views

CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposition header...

CVSS 4.3 | AI score 5.6 | EPSS 0.02717
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/04/20 12:00 a.m. | 27 views

CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVSS 5.8 | AI score 6 | EPSS 0.02477
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/03/14 12:00 a.m. | 13 views

CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

CVSS 7.5 | AI score 8.1 | EPSS 0.04466
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/03/14 12:00 a.m. | 15 views

CVE-2012-2139 rubygem-mail: directory traversal

Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter...

CVSS 5 | AI score 5.2 | EPSS 0.04923
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/03/01 12:00 a.m. | 36 views

CVE-2012-1099 rubygem-actionpack: XSS in the "select" helper

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

CVSS 4.3 | AI score 5.3 | EPSS 0.02504
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/03/01 12:00 a.m. | 38 views

CVE-2012-1098 rubygem-activesupport: XSS in SafeBuffer#[] (unescaped safe buffers can be marked as safe)

Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods...

CVSS 4.3 | AI score 4 | EPSS 0.02137
Exploits 0 | References 1 | Affected software 1
RubySec | added 2012/02/29 12:00 a.m. | 26 views

CVE-2012-6684 rubygem-RedCloth: XSS vulnerability

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...

CVSS 4.3 | AI score 8 | EPSS 0.02253
Exploits 1 | References 1 | Affected software 1
RubySec | added 2012/02/01 12:00 a.m. | 20 views

Phusion Passenger Gem for Ruby Arbitrary File Deletion

Phusion Passenger Gem for Ruby contains a flaw that is triggered during application startup. This issue may allow a local attacker to delete arbitrary files via an application process. Once the program has completed the startup process this vulnerability is no longer exploitable...

CVSS 7.5 | AI score 3.4 | EPSS 0.02308
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/12/28 12:00 a.m. | 24 views

CVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)

Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table...

CVSS 7.8 | AI score 6.1 | EPSS 0.04246
Exploits 2 | References 1 | Affected software 1
RubySec | added 2011/12/28 12:00 a.m. | 27 views

CVE-2011-5036 rubygem-rack: hash table collisions DoS (oCERT-2011-003)

Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters...

CVSS 5 | AI score 4.8 | EPSS 0.04016
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/12/27 12:00 a.m. | 29 views

CVE-2011-4838 jruby: hash table collisions DoS (oCERT-2011-003)

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table...

CVSS 5 | AI score 6.1 | EPSS 0.0436
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/10/27 12:00 a.m. | 14 views

Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files...

CVSS 6.2 | AI score 7.2 | EPSS 0.00338
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/10/27 12:00 a.m. | 23 views

Puppet allows local users to modify the permissions of arbitrary files

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file...

CVSS 6.3 | AI score 6.8 | EPSS 0.00352
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/10/05 12:00 a.m. | 5 views

Remote Command Execution in Spree search functionality

Spree versions prior to 0.60.2 contain a remote command execution vulnerability in the search functionality. The application fails to properly sanitize input passed via the search:send parameter, which is dynamically invoked using Ruby's send method. This allows attackers to execute arbitrary she...

CVSS 10 | AI score 6 | EPSS 0.03818
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/09/01 12:00 a.m. | 23 views

jQuery vulnerable to Cross-Site Scripting (XSS)

Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

CVSS 4.3 | AI score 5.8 | EPSS 0.19191
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/08/31 12:00 a.m. | 45 views

CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

AI score 7 | EPSS 0.73327
Exploits 4 | References 1 | Affected software 1
RubySec | added 2011/08/16 12:00 a.m. | 22 views

Response Splitting Vulnerability in Ruby on Rails

A response splitting flaw in Ruby on Rails 2.3.x was reported that could allow a remote attacker to inject arbitrary HTTP headers into a response due to insufficient sanitization of the values provided for response content types...

CVSS 4.3 | AI score 3.1 | EPSS 0.01748
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/07/02 12:00 a.m. | 32 views

Ruby Random Number Generation Local Denial Of Service Vulnerability

The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...

CVSS 5 | AI score 4.8 | EPSS 0.0195
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/07/02 12:00 a.m. | 52 views

Ruby Properly initialize the random number generator when forking new process

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900...

CVSS 5 | AI score 4.3 | EPSS 0.02088
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/07/02 12:00 a.m. | 29 views

Ruby Random Number Generation Local Denial Of Service Vulnerability

Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issu...

CVSS 5 | AI score 4.2 | EPSS 0.02582
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/05/13 12:00 a.m. | 21 views

rubygem-sqlite3 gem uses weak file permissions

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...

CVSS 2.1 | AI score 6.9 | EPSS 0.00378
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/03/01 12:00 a.m. | 24 views

Ruby memory corruption in BigDecimal on 64-bit platforms

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...

CVSS 6.8 | AI score 6.2 | EPSS 0.03025
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/02/19 12:00 a.m. | 62 views

CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module

The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

CVSS 6.3 | AI score 6.2 | EPSS 0.00385
Exploits 0 | References 1 | Affected software 1
RubySec | added 2011/02/18 12:00 a.m. | 30 views

CVE-2011-1005 Ruby: Untrusted code able to modify arbitrary strings

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname...

CVSS 5 | AI score 6.4 | EPSS 0.02772
Exploits 2 | References 1 | Affected software 1
RubySec | added 2011/02/10 12:00 a.m. | 5 views

Remote Command Execution in Spree search functionality

Spree versions prior to 0.60.2 contain a remote command execution vulnerability in the search functionality. The application fails to properly sanitize input passed via the search:send parameter, which is dynamically invoked using Ruby's send method. This allows attackers to execute arbitrary she...

CVSS 10 | AI score 7.9 | EPSS 0.03818
Exploits 1 | References 1 | Affected software 1
RubySec | added 2011/01/25 12:00 a.m. | 20 views

Mail Gem for Ruby lib/mail/network/delivery_methods/sendmail.rb Email From: Address Arbitrary Shell Command Injection

Mail Gem for Ruby contains a flaw related to the failure to properly sanitise input passed from an email From: address in the 'deliver' function in 'lib/mail/network/delivery_methods/sendmail.rb' before being used as a command line argument. This may allow a remote attacker to inject arbitrary shel...

CVSS 6.8 | AI score 3.2 | EPSS 0.02706
Exploits 0 | References 1 | Affected software 1
RubySec | added 2010/11/02 12:00 a.m. | 21 views

Spree Multiple Script JSON Request Validation Weakness Remote Information Disclosure

Spree contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the application exchanges data using the JSON service without validating requests, which will disclose sensitive user and order information to a context-dependent attacker when a logged-in...

CVSS 5 | AI score 1.6 | EPSS 0.02534
Exploits 1 | References 1 | Affected software 1
RubySec | added 2010/07/02 12:00 a.m. | 20 views

Ruby on Windows ARGF.inplace_mode Variable Local Overflow

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files...

CVSS 7.2 | AI score 7.1 | EPSS 0.00406
Exploits 1 | References 1 | Affected software 1
RubySec | added 2010/06/15 12:00 a.m. | 31 views

CVE-2010-0541 Ruby WEBrick javascript injection flaw

Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...

CVSS 4.3 | AI score 5.3 | EPSS 0.02814
Exploits 0 | References 1 | Affected software 1
RubySec | added 2010/04/26 12:00 a.m. | 22 views

CVE-2010-1330 jruby: XSS in the regular expression engine when processing invalid UTF-8 byte sequences

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

CVSS 4.3 | AI score 5.5 | EPSS 0.02218
Exploits 1 | References 1 | Affected software 1
RubySec | added 2010/01/10 12:00 a.m. | 30 views

CVE-2009-4492 ruby WEBrick log escape sequence

WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrar...

CVSS 7.5 | AI score 7.4 | EPSS 0.15684
Exploits 2 | References 1 | Affected software 1
RubySec | added 2009/12/07 12:00 a.m. | 22 views

CVE-2009-4124 ruby: Heap-based buffer overflow in the rb_str_justify() function

Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third...

CVSS 10 | AI score 7.7 | EPSS 0.03875
Exploits 1 | References 1 | Affected software 1
RubySec | added 2009/12/07 12:00 a.m. | 21 views

jruby-openssl Gem for JRuby fails to do proper certificate validation

A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...

CVSS 7.5 | AI score 3.9 | EPSS 0.006
Exploits 0 | References 1 | Affected software 1
RubySec | added 2009/07/10 12:00 a.m. | 19 views

High Security Vulnerability with authenticate_with_http_digest of Rails

The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

CVSS 9.8 | AI score 7.5 | EPSS 0.03377
Exploits 1 | References 1 | Affected software 1
RubySec | added 2009/06/10 12:00 a.m. | 26 views

CVE-2009-1904 ruby: DoS vulnerability in BigDecimal

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...

CVSS 5 | AI score 6 | EPSS 0.08375
Exploits 2 | References 1 | Affected software 1
RubySec | added 2009/05/12 12:00 a.m. | 27 views

Ruby DL::dlopen could open a library with tainted library name even if $SAFE > 0

DL::dlopen could open a library with a tainted library name even if $SAFE > 0...

CVSS 7.5 | AI score 1.9 | EPSS 0.07766
Exploits 0 | References 1 | Affected software 1
RubySec | added 2009/01/29 12:00 a.m. | 15 views

Ruby 'OCSP_basic_verify()' X.509 Certificate Verification Vulnerability

ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate...

CVSS 6.8 | AI score 4.5 | EPSS 0.0264
Exploits 1 | References 1 | Affected software 1

Total number of security vulnerabilities: 1230