Rubygems: Recent

1230 matches found

RubySec (added 2023/07/15)

rswag vulnerable to arbitrary JSON and YAML file read via directory traversal

rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI or Swagger specification file of a project...

CVSS 7.5 | AI score 6.9 | EPSS 0.00958
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/11)

Decidim vulnerable to sensitive data disclosure

Note: added the actual report as a comment. Summary Decidim, a platform for digital citizen participation, uses a third-party library named Ransack for filtering certain database collections (e.g., public meetings). By default, this library allows filtering on all data attributes and associations...

CVSS 7.5 | AI score 6.9 | EPSS 0.00969
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/11)

Decidim Cross-site Scripting vulnerability in the external link redirections

Impact The external link feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of...

CVSS 8.1 | AI score 6.8 | EPSS 0.00641
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/11)

Decidim Cross-site Scripting vulnerability in the processes filter

Impact The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of...

CVSS 8.1 | AI score 6.8 | EPSS 0.00579
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/06)

Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element content

Impact Using carefully crafted input, an attacker may be able to sneak arbitrary HTML and CSS through Sanitize >= 3.0.0, < 6.0.2. Sanitize >= 6.0.2 performs additional escaping of CSS in style element content, which fixes this issue. Workarounds Users who are unable to upgrade can prevent this issue by using a...

CVSS 7.1 | AI score 6 | EPSS 0.00603
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/06)

gRPC Reachable Assertion issue

There exists a vulnerability causing an abort to be called in gRPC. The following headers cause gRPC's C++ implementation to abort when called via http2: te: x (x != trailers); :scheme: x (x != http, https); grpclb_client_stats: x (x == anything). On top of sending one of those headers, a later header must...

CVSS 7.5 | AI score 6.7 | EPSS 0.00412
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/06)

gRPC connection termination issue

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyo...

CVSS 5.3 | AI score 6.9 | EPSS 0.00531
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/07/05)

Connection confusion in gRPC

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this...

CVSS 7.5 | AI score 6.8 | EPSS 0.00502
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/06/29)

ReDoS vulnerability in URI

We have released the uri gem version 0.12.2, 0.10.3 that has a security fix for a ReDoS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2023-36617. Details A ReDoS issue was discovered in the URI component through 0.12.1 for Ruby. The URI parser mishandles invalid URLs...

CVSS 5.3 | AI score 7 | EPSS 0.01698
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/06/28)

Spina Cross-site Scripting vulnerability

Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1...

CVSS 4.8 | AI score 6 | EPSS 0.00565
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/06/26)

jQuery Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in jQuery v.2.2.0 until v.3.5.0 allows a remote attacker to execute arbitrary code via the element...

AI score 7.3
Exploits: 5 | References: 1 | Affected software: 1

RubySec (added 2023/06/26)

Possible XSS via User Supplied Values to redirect_to

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been...

CVSS 4 | AI score 6.7 | EPSS 0.00332
Exploits: 2 | References: 1 | Affected software: 1

RubySec (added 2023/06/12)

Doorkeeper Improper Authentication vulnerability

OAuth RFC 8252 says (https://www.rfc-editor.org/rfc/rfc8252#section-8.6) the authorization server SHOULD NOT process authorization requests automatically without user consent or interaction, except when the identity of the client can be assured. This includes the case where the user has previously...

CVSS 6.5 | AI score 6.9 | EPSS 0.00716
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/06/06)

RedCloth Regular Expression Denial of Service issue

A Regular Expression Denial of Service (ReDoS) issue was discovered in the "sanitize_html" function of RedCloth gem <= v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload...

CVSS 7.5 | AI score 6.7 | EPSS 0.01513
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/06/06)

avo vulnerable to Stored XSS (Cross Site Scripting) in html content based fields

Summary Some avo fields are vulnerable to XSS when rendering html based content. Details During the analysis of the web application, a rendered field was discovered that did not filter JS / HTML tags in a safe way and can be abused to execute js code on a client side. The trix field uses the trix...

CVSS 7.3 | AI score 6.4 | EPSS 0.00563
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/06/06)

avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

CVSS 8.8 | AI score 7.7 | EPSS 0.0161
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/05/26)

Server-Side Template Injection in Camaleon CMS

Camaleon CMS prior to 2.7.4 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter...

CVSS 9.8 | AI score 7.5 | EPSS 0.46136
Exploits: 6 | References: 1 | Affected software: 1

RubySec (added 2023/05/23)

Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui gem v0.5

Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted URL to the delete a feature functionality...

CVSS 6.1 | AI score 6.8 | EPSS 0.00697
Exploits: 2 | References: 1 | Affected software: 1

RubySec (added 2023/05/01)

Race Condition leading to logging errors

In certain setups with threaded web servers, Audited's use of Thread.current can incorrectly attribute audits to the wrong user. Fixed in 5.3.3. In March, @convisoappsec noticed that the library in question had a Race Condition problem, which caused logs to be registered at times with different...

CVSS 3.1 | AI score 7 | EPSS 0.00494
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/04/26)

Buffer overflow in sponge queue functions

Impact The Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more. Patches Yes, see commit fdc6fef0...

CVSS 9.8 | AI score 6.9 | EPSS 0.05193
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/04/24)

Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform

Summary Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values, including sensitive values, to be printed at the info logging level during the kitchen converge action. Prior to v7.0.0, the output values were printed at the debug level to avoid writing sensitive...

CVSS 3.3 | AI score 6.8 | EPSS 0.00212
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/04/21)

sidekiq vulnerable to cross-site scripting

sidekiq from 7.0.4 to 7.0.7 is vulnerable to reflected cross-site scripting. A fix was released in version 7.0.8...

CVSS 9.6 | AI score 6.9 | EPSS 0.02742
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/04/20)

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay

Impact A payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If t...

CVSS 7.1 | AI score 6.5 | EPSS 0.0045
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/04/11)

govuk_tech_docs vulnerable to unescaped HTML on search results page

Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...

CVSS 6.1 | AI score 6.2 | EPSS 0.005
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/04/04)

Fluent Fluentd and Fluent-ui use default password

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escalated privileges and execute arbitrary code due to use of a default password...

CVSS 8.8 | AI score 9 | EPSS 0.00786
Exploits: 1 | References: 1

RubySec (added 2023/03/31)

Ruby Time component ReDos issue

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

CVSS 5.3 | AI score 6.8 | EPSS 0.02452
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/31)

Ruby URI component ReDoS issue

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1...

CVSS 5.3 | AI score 6.8 | EPSS 0.02637
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/30)

unpoly-rails Denial of Service vulnerability

There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. Impact This issue affects Rails applications that operate as an upstream of a load balancer that uses passive health checks. The unpoly-rails gem...

CVSS 7.5 | AI score 6.5 | EPSS 0.01034
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/27)

GHSL-2022-094: Remote Code Execution in discordrb

The encode_file method may lead to remote code execution (RCE) if invoked with untrusted user-controlled data...

CVSS 9.6 | AI score 7.7 | EPSS 0.02546
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/03/13)

DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements

NOTE: rails-ujs is part of Rails/actionview since 5.1.0. There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML...

CVSS 6.3 | AI score 6.2 | EPSS 0.00632
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/13)

Possible Denial of Service Vulnerability in Rack’s header parsing

There is a denial of service vulnerability in the header parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2023-27539. Versions Affected: >= 2.0.0 Not affected: None. Fixed Versions: 2.2.6.4, 3.0.6.1 Impact Carefully crafted input can cause header parsing in Ra...

CVSS 5.3 | AI score 4.5 | EPSS 0.01063
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/13)

Possible Deserialization of Untrusted Data Vulnerability in Kredis JSON

There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This vulnerability has been assigned the CVE identifier CVE-2023-27531. Not affected: None. Versions Affected: All. Fixed Versions: 1.3.0.1 Impact Carefully crafted JSON data processed by...

CVSS 5.3 | AI score 6.3 | EPSS 0.00518
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/13)

Possible XSS Security Vulnerability in SafeBuffer#bytesplice

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. This vulnerability has been assigned the CVE identifier CVE-2023-28120. Versions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3 Impact ActiveSupport uses...

CVSS 5.3 | AI score 3.4 | EPSS 0.00907
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/03/03)

Possible DoS Vulnerability in Multipart MIME parsing

There is a possible DoS vulnerability in the Multipart MIME parsing code in Rack. This vulnerability has been assigned the CVE identifier CVE-2023-27530. Versions Affected: All. Not affected: None Fixed Versions: 3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3 Impact The Multipart MIME parsing code in Rack...

CVSS 7.5 | AI score 2.6 | EPSS 0.0183
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/02/24)

Code injection in pdf_info

pdf_info 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initialization there is no validation performed and the user provided path is used...

CVSS 9.8 | AI score 3.9 | EPSS 0.03014
Exploits: 2 | References: 1

RubySec (added 2023/02/14)

https://github.com/mruby/mruby/issues/5613

An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash...

CVSS 7.5 | AI score 6.9 | EPSS 0.00776
Exploits: 1 | References: 1 | Affected software: 1

RubySec (added 2023/02/01)

CSRF Vulnerability with Rails < 5.2

Clockwork Web is vulnerable to cross-site request forgery (CSRF) with Rails < 5.2. A CSRF attack works by getting an authorized user to visit a malicious website and then performing requests on behalf of the user. In this instance, actions include enabling and disabling jobs...

CVSS 6.5 | AI score 2.4 | EPSS 0.00358
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/29)

Publify contains Weak Password Requirements

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10...

CVSS 8.1 | AI score 1.6 | EPSS 0.007
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/28)

Improper neutralization of `noscript` element content may allow XSS in Sanitize

Impact Using carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize >= 5.0.0, < 6.0.1. Sanitize >= 6.0.1 always removes noscript elements and their contents, even when noscript is in the allowlist. Workarounds Users who are unable to upgrade can prevent this issue by using one of...

CVSS 6.1 | AI score 5.9 | EPSS 0.00525
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

ReDoS based DoS vulnerability in GlobalID

There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: >= 0.2.1 Not affected: < 0.2.1 Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the GlobalID...

CVSS 7.5 | AI score 3.7 | EPSS 0.01049
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

Denial of service via multipart parsing in Rack

There is a denial of service vulnerability in the multipart parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44572. Versions Affected: >= 2.0.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 Impact Carefully crafted input can cause...

CVSS 7.5 | AI score 5.1 | EPSS 0.01617
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

Denial of service via header parsing in Rack

There is a possible denial of service vulnerability in the Range header parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44570. Versions Affected: >= 1.5.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.2, 3.0.4.1 Impact Carefully crafted inp...

CVSS 7.5 | AI score 4.7 | EPSS 0.01626
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

Denial of Service Vulnerability in Rack Content-Disposition parsing

There is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44571. Versions Affected: >= 2.0.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 Impact Carefully crafted input...

CVSS 7.5 | AI score 4.1 | EPSS 0.01503
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. Versions Affected: All Not affected: None Fixed Versions: 6.1.7.1, 7.0.4.1 Impact A specially crafted HTTP...

CVSS 7.5 | AI score 7.4 | EPSS 0.02278
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: >= 3.0.0 Not affected: < 3.0.0 Fixed Versions: 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in combination with a...

CVSS 7.5 | AI score 7.3 | EPSS 0.01695
Exploits: 0 | References: 1 | Affected software: 1

RubySec (added 2023/01/18)

Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter

There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. This has been assigned the CVE identifier CVE-2022-44566. Versions Affected: All. Not affected: None. Fixed Versions: 6.1.7.1, 7.0.4.1 Impact In ActiveRecord < 7.0.4.1 and < 6.1.7.1, when a value outsid...

CVSS 7.5 | AI score 7.4 | EPSS 0.01265
Exploits: 1 | References: 1 | Affected software: 1

Total number of security vulnerabilities: 1230