7 matches found
CVE-2019-15845
CVE-2019-15845 is a Ruby vulnerability where File.fnmatch and File.fnmatch? mishandled strings containing NULL bytes, enabling a remote attacker to access unexpected files and bypass filesystem restrictions in affected Ruby versions (Ruby 2.4.7 and earlier; 2.5.x up to 2.5.6; 2.6.x up to 2.6.4). ...
CVE-2019-16255
CVE-2019-16255 affects Ruby up to 2.4.7, 2.5.x up to 2.5.6, and 2.6.x up to 2.6.4, enabling code injection via the first argument to Shell#[] or Shell#test when data is untrusted. Connected advisories confirm this vulnerability and list affected JRuby/Ruby variants, with remediation by upgrading ...
CVE-2019-16201
CVE-2019-16201 affects Ruby’s WEBrick DigestAuth implementations across multiple Ruby branches (up to 2.4.7, 2.5.x up to 2.5.6, and 2.6.x up to 2.6.4). The issue is a regular-expression Denial of Service caused by backtracking in DigestAuth, requiring a WEBrick server exposed to the Internet or a...
CVE-2019-16254
CVE-2019-16254 (HTTP Response Splitting) affects Ruby WEBrick in versions up to 2.4.7, 2.5.x up to 2.5.6, and 2.6.x up to 2.6.4. The issue arises when untrusted input is inserted into HTTP response headers, enabling CRLF/header injection and potentially malicious content. It is noted as a follow-...
CVE-2015-1855
CVE-2015-1855 affects Ruby’s OpenSSL hostname matching: the OpenSSL extension fails to validate hostnames, allowing server spoofing. Affected: Ruby/OpenSSL before 2.0.0 patchlevel 645; 2.1.x before 2.1.6; 2.2.x before 2.2.2. Root cause: permissive hostname matching (wildcards, IDNA, case, non‑ASC...
CVE-2011-4121
The CVE-2011-4121 entry concerns the OpenSSL extension in Ruby’s Git trunk (versions after 2011-09-01 through 2011-11-03) where private RSA key generation used a constant exponent value of '1'. This flaw could allow a remote attacker to bypass or corrupt integrity of services relying on generated...
CVE-2011-3624
CVE-2011-3624 affects WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier. The vulnerability arises because these methods do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers, which could allow remote attackers to inject arbitrary text into log files or to byp...