CVE-2017-17405
CVE-2017-17405 is a Ruby Net::FTP command-injection vulnerability where Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile invoke Kernel#open on local files; if the localfile argument begins with a pipe, the following command is executed. The default localfile is the ba...
CVE-2017-10784
CVE-2017-10784 affects Ruby’s WEBrick Basic authentication: an attacker can inject terminal escape sequences into WEBrick logs via a crafted username, potentially affecting the attacker’s terminal emulator. Deb and related advisories confirm the vulnerability exists in WEBrick in Ruby versions pr...
CVE-2017-14033
CVE-2017-14033 is a buffer underrun in the OpenSSL::ASN1 decode path of Ruby’s OpenSSL extension. It was reported as a denial of service: processing a crafted string crashes the interpreter. Affected Ruby versions include 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x up to 2.4.1. Mitigatio...
CVE-2017-9225
Oniguruma 6.2.0 (as used in Ruby via oniguruma-mod through Ruby 2.4.1 and mbstring in PHP through 7.1.5) contains CVE-2017-9225, a stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() and related unicode handling, with Code point 0xFFFFFFFF not properly handled in unicode_unf...
CVE-2017-9229
CVE-2017-9229 affects Oniguruma 6.2.0 (as used by Oniguruma-mod in Ruby up to 2.4.1 and mbstring in PHP up to 7.1.5). A SIGSEGV can occur in left_adjust_char_head() during regular expression compilation due to invalid handling of reg->dmax in forward_search_range(), which may yield an invalid ...
CVE-2017-14064
CVE-2017-14064 affects Ruby before the fixed versions: Ruby 2.2.7 and earlier (2.2.x), 2.3.0–2.3.4, and 2.4.0–2.4.1. Root cause is a strdup-based bug in ext/json/ext/generator/generator.c that stops at the first NUL byte, returning a string of length zero while space_len indicates otherwise, expo...
CVE-2017-0898
CVE-2017-0898 affects Ruby older branches (before 2.4.2, 2.3.5, and 2.2.8) and is caused by a buffer underrun in Kernel.sprintf, leading to heap memory corruption and potential information disclosure from the heap or application instability. The issue is not restricted to a single product; it app...
CVE-2017-17790
CVE-2017-17790 affects Ruby up to 2.4.3 and is caused by the lazy_initialize function in lib/resolv.rb calling Kernel#open, which may allow command injection. The vulnerability can be triggered by a Resolv::Hosts::new argument that begins with a leading '|' character. The description notes this i...
CVE-2016-2339
CVE-2016-2339 involves an exploitable heap overflow in Ruby’s Fiddle::Function.new initialize. The heap buffer arg_types allocation is sized based on the length of the args array; a specially crafted object inside the args array can increase the array size after allocation, causing a heap overflo...
CVE-2016-2337
CVE-2016-2337 is a type confusion in Ruby’s TclTkIp._cancel_eval method. An attacker could cause arbitrary code execution by passing a non-String as the retval argument. Public advisories (e.g., MiracleLinux AXSA-2025-10964:04) reference this CVE and note a fix to prevent the type confusion; t...
CVE-2015-9096
CVE-2015-9096 affects Net::SMTP in Ruby prior to 2.4.0, allowing SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands, demonstrated around a DATA substring. The vulnerability applies to Ruby’s Net::SMTP implementation and, per the initial description, is fixed in Ruby 2.4.0 ...
CVE-2009-5147
CVE-2009-5147 affects Ruby’s DL::dlopen by allowing libraries with tainted names to be opened on several Ruby releases (1.8, 1.9.x, 2.0.0 pre-patch 648, and 2.1 pre-2.1.8). Connected materials document a regression in later Ruby/fiddle handling (CVE-2015-7551) that ties back to this regression an...
CVE-2014-6438
CVE-2014-6438: The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service via a crafted string, due to catastrophic regular expression backtracking and related resource consumption or application crash. The issue affects Ruby versions p...
CVE-2016-2336
CVE-2016-2336: Type confusion exists in two methods of Ruby’s WIN32OLE class, ole_invoke and ole_query_interface. Attacker-supplied objects of unexpected types can trigger arbitrary code execution, as noted in multiple connected records. The vulnerability affects Ruby’s WIN32OLE interactions, w...
CVE-2017-11465
CVE-2017-11465 concerns Ruby 2.4.1’s UTF-8 parser. The vulnerability lies in the function parser_yyerror (related to parser_tokadd_utf8 in parse.y), which can be triggered by a crafted script to cause a denial of service via invalid read/write and may have other impact, including potential bypass...
CVE-2017-6181
The CVE-2017-6181 entry corresponds to an unbounded recursion flaw in the Onigmo (Oniguruma-mod) regular expression library’s parse_char_class function (regparse.c) used by Ruby 2.4.0. A crafted regular expression can cause a remote attacker to trigger deep recursion and a potential application c...