RubySec

Providing security resources for the Ruby community

2024

CVE-2024-54133 (actionpack): Possible Content Security Policy bypass in Action Dispatch

posted in •

CVE-2024-53985 (rails-html-sanitizer): rails-html-sanitizer has XSS vulnerability with certain configurations

posted in •

CVE-2024-53986 (rails-html-sanitizer): rails-html-sanitizer has XSS vulnerability with certain configurations

posted in •

CVE-2024-53987 (rails-html-sanitizer): rails-html-sanitizer has XSS vulnerability with certain configurations

posted in •

CVE-2024-53988 (rails-html-sanitizer): rails-html-sanitizer has XSS vulnerability with certain configurations

posted in •

CVE-2024-53989 (rails-html-sanitizer): rails-html-sanitizer has XSS vulnerability with certain configurations

posted in •

CVE-2024-52796 (pwpush): Password Pusher rate limiter can be bypassed by forging proxy headers

posted in •

CVE-2024-45594 (decidim-meetings): decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds

posted in •

CVE-2024-43415 (decidim-decidim_awesome): Decidim-Awesome has SQL injection in AdminAccountability

posted in •

CVE-2024-21510 (sinatra): Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision

posted in •

CVE-2024-49761 (rexml): REXML ReDoS vulnerability

posted in •

CVE-2024-49771 (mpxj): MPXJ has a Potential Path Traversal Vulnerability

posted in •

CVE-2024-48652 (camaleon_cms): camaleon_cms affected by cross site scripting

posted in •

CVE-2024-41128 (actionpack): Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

posted in •

CVE-2024-47887 (actionpack): Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

posted in •

CVE-2024-47888 (actiontext): Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

posted in •

CVE-2024-47889 (actionmailer): Possible ReDoS vulnerability in block_format in Action Mailer

posted in •

CVE-2024-43795 (openc3): OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)

posted in •

CVE-2024-46977 (openc3): OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)

posted in •

CVE-2024-47529 (openc3): OpenC3 stores passwords in clear text (`GHSL-2024-129`)

posted in •

CVE-2024-41673 (decidim): Decidim has a cross-site scripting vulnerability in the version control page

posted in •

CVE-2024-46488 (sqlite-vec): Heap-based Buffer Overflow in sqlite-vec

posted in •

GHSA-75j2-9gmc-m855 (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184)

posted in •

GHSA-8fx8-3rg2-79xw (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184)

posted in •

CVE-2024-47220 (webrick): HTTP Request Smuggling in ruby webrick

posted in •

CVE-2024-45614 (puma): Puma's header normalization allows for client to clobber proxy set headers

posted in •

CVE-2024-7254 (google-protobuf): protobuf-java has potential Denial of Service issue

posted in •

CVE-2024-46986 (camaleon_cms): Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182)

posted in •

CVE-2024-46987 (camaleon_cms): Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183)

posted in •

GHSA-7x4w-cj9r-h4v9 (camaleon_cms): Camaleon CMS vulnerable to remote code execution through code injection (GHSL-2024-185)

posted in •

GHSA-r9cr-qmfw-pmrc (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184)

posted in •

CVE-2024-8796 (devise-two-factor): Devise-Two-Factor Authentication Uses Insufficient Default OTP Shared Secret Length

posted in •

CVE-2024-32034 (decidim-admin): Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log

posted in •

CVE-2024-39910 (decidim): Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin panel with QuillJS WYSWYG editor

posted in •

CVE-2024-45409 (omniauth-saml): omniauth-saml vulnerable to Improper Verification of Cryptographic Signature

posted in •

GHSA-cvp8-5r8g-fhvq (omniauth-saml): omniauth-saml vulnerable to Improper Verification of Cryptographic Signature

posted in •

CVE-2024-45409 (ruby-saml): SAML authentication bypass via Incorrect XPath selector

posted in •

CVE-2024-43791 (request_store): request_store has Incorrect Default Permissions

posted in •

CVE-2024-43398 (rexml): REXML denial of service vulnerability

posted in •

CVE-2024-43380 (fugit): fugit parse and parse_nat stall on lengthy input

posted in •

CVE-2024-42360 (sequenceserver): Command Injection in sequenceserver gem

posted in •

CVE-2024-41123 (rexml): DoS vulnerabilities in REXML

posted in •

CVE-2024-41946 (rexml): DoS vulnerabilities in REXML

posted in •

CVE-2024-7106 (spina): Cross-Site Request Forgery in Spina

posted in •

CVE-2024-39908 (rexml): DoS in REXML

posted in •

CVE-2024-6484 (bootstrap): Bootstrap Cross-Site Scripting (XSS) vulnerability

posted in •

CVE-2024-6531 (bootstrap): Bootstrap Cross-Site Scripting (XSS) vulnerability

posted in •

CVE-2024-27090 (decidim): Decidim vulnerable to data disclosure through the embed feature

posted in •

CVE-2024-27095 (decidim-admin): Decidim cross-site scripting (XSS) in the admin panel

posted in •

CVE-2024-32469 (decidim): Decidim cross-site scripting (XSS) in the pagination

posted in •

CVE-2024-39308 (rails_admin): RailsAdmin Cross-site Scripting vulnerability in the list view

posted in •

CVE-2024-39316 (rack): Rack ReDoS Vulnerability in HTTP Accept Headers Parsing

posted in •

CVE-2024-28103 (actionpack): Missing security headers in Action Pack on non-HTML responses

posted in •

CVE-2024-32464 (actiontext): ActionText ContentAttachment can Contain Unsanitized HTML

posted in •

CVE-2024-37031 (activeadmin): activeadmin vulnerable to stored persistent cross-site scripting (XSS) in dynamic form legends

posted in •

CVE-2024-32978 (kaminari): Insecure File Permissions vulnerability in kaminari

posted in •

CVE-2024-35231 (rack-contrib): Denial of Service in rack-contrib via "profiler_runs" parameter

posted in •

CVE-2024-35176 (rexml): REXML contains a denial of service vulnerability

posted in •

GHSA-r95h-9x8f-r3f7 (nokogiri): Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459

posted in •

CVE-2024-34341 (actiontext): Arbitrary Code Execution Vulnerability in Trix Editor included in ActionText

posted in •

CVE-2024-32970 (phlex): Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values

posted in •

CVE-2024-32887 (sidekiq): Reflected XSS in Metrics Web Page

posted in •

CVE-2024-32463 (phlex): Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `` tags

posted in •

GHSA-g7xq-xv8c-h98c (phlex): Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `` tags

posted in •

CVE-2024-29034 (carrierwave): CarrierWave content-Type allowlist bypass vulnerability which possibly leads to XSS remained

posted in •

CVE-2024-27280 (stringio): Buffer overread vulnerability in StringIO

posted in •

CVE-2024-27281 (rdoc): RCE vulnerability with .rdoc_options in RDoc

posted in •

CVE-2024-28862 (rotp): ROTP 6.2.2 and 6.2.1 has 0666 permissions for the .rb files.

posted in •

GHSA-vcc3-rw6f-jv97 (nokogiri): Use-after-free in libxml2 via Nokogiri::XML::Reader

posted in •

CVE-2024-28181 (turbo_boost-commands): TurboBoost Commands vulnerable to arbitrary method invocation

posted in •

CVE-2024-28121 (stimulus_reflex): StimulusReflex arbitrary method call

posted in •

CVE-2024-28199 (phlex): Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex

posted in •

CVE-2023-46950 (sidekiq-unique-jobs): Cross Site Scripting vulnerability in Contribsys Sidekiq

posted in •

CVE-2023-51774 (json-jwt): json-jwt allows bypass of identity checks via a sign/encryption confusion attack

posted in •

CVE-2024-27285 (yard): YARD's default template vulnerable to Cross-site Scripting in generated frames.html

posted in •

CVE-2024-27456 (rack-cors): Rack CORS Middleware has Insecure File Permissions

posted in •

CVE-2024-25126 (rack): Denial of Service Vulnerability in Rack Content-Type Parsing

posted in •

CVE-2024-26141 (rack): Possible DoS Vulnerability with Range Header in Rack

posted in •

CVE-2024-26142 (actionpack): Possible ReDoS vulnerability in Accept header parsing in Action Dispatch

posted in •

CVE-2024-26143 (actionpack): Possible XSS Vulnerability in Action Controller

posted in •

CVE-2024-26144 (activestorage): Possible Sensitive Session Information Leak in Active Storage

posted in •

CVE-2024-26146 (rack): Possible Denial of Service Vulnerability in Rack Header Parsing

posted in •

CVE-2023-47634 (decidim): Race condition in Endorsements

posted in •

CVE-2023-47635 (decidim-templates): Possible CSRF attack at questionnaire templates preview

posted in •

CVE-2023-48220 (devise_invitable): Possibility to circumvent the invitation token expiry period

posted in •

CVE-2023-51447 (decidim): Cross-site scripting (XSS) in the dynamic file uploads

posted in •

CVE-2024-25122 (sidekiq-unique-jobs): sidekiq-unique-jobs UI server vulnerable to XSS & RCE in Redis

posted in •

CVE-2024-25062 (nokogiri): Improper Handling of Unexpected Data Type in Nokogiri

posted in •

GHSA-xc9x-jj77-9p9j (nokogiri): Use-after-free in libxml2 via Nokogiri::XML::Reader

posted in •

CVE-2024-22411 (avo): Cross-site scripting (XSS) in Action messages on Avo

posted in •

CVE-2024-22191 (avo): avo vulnerable to stored cross-site scripting (XSS) in key_value field

posted in •

CVE-2024-0227 (devise-two-factor): Devise-Two-Factor vulnerable to brute force attacks

posted in •

CVE-2024-21647 (puma): Puma HTTP Request/Response Smuggling vulnerability

posted in •

CVE-2024-21636 (view_component): view_component Cross-site Scripting vulnerability

posted in •

CVE-2024-21632 (omniauth-microsoft_graph): Omniauth::MicrosoftGraph Account takeover (nOAuth)

posted in •

2023

CVE-2023-51763 (activeadmin): ActiveAdmin vulnerable to CSV injection

posted in •

CVE-2022-44303 (resque-scheduler): Resque Scheduler Reflected XSS In Delayed Jobs View

posted in •

CVE-2023-50724 (resque): Resque vulnerable to Reflected Cross Site Scripting through pathnames

posted in •

CVE-2023-50725 (resque): Resque vulnerable to reflected XSS in resque-web failed and queues lists

posted in •

CVE-2023-50727 (resque): Resque vulnerable to reflected XSS in Queue Endpoint

posted in •

CVE-2023-50448 (activeadmin): Potential CSV export data leak

posted in •

CVE-2023-26154 (pubnub): pubnub Insufficient Entropy vulnerability

posted in •

CVE-2023-49090 (carrierwave): CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSS

posted in •

CVE-2023-5349 (rmagick): memory leak flaw was found in ruby-magick

posted in •

CVE-2024-0241 (encoded_id-rails): encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs

posted in •

GHSA-3px7-jm2p-6h2c (encoded_id-rails): encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs

posted in •

CVE-2023-46035 (svg_optimizer): External XML entity (XXE) vulnerability in svg_optimizer rubygem

posted in •

CVE-2023-26153 (geokit-rails): geokit-rails Command Injection vulnerability

posted in •

CVE-2023-5214 (bolt): Puppet Bolt privilege escalation vulnerability

posted in •

CVE-2023-36465 (decidim): Decidim has broken access control in templates

posted in •

CVE-2023-26141 (sidekiq): sidekiq Denial of Service vulnerability

posted in •

CVE-2023-4785 (grpc): Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)

posted in •

CVE-2023-38037 (activesupport): Possible File Disclosure of Locally Encrypted Files

posted in •

CVE-2023-40175 (puma): Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in puma

posted in •

GHSA-68xg-gqqm-vgj8 (puma): Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in puma

posted in •

CVE-2023-33953 (grpc): Excessive Iteration in gRPC

posted in •

GHSA-7vh7-fw88-wj87 (commonmarker): Several quadratic complexity bugs may lead to denial of service in Commonmarker

posted in •

CVE-2023-38697 (protocol-http1): protocol-http1 HTTP Request/Response Smuggling vulnerability

posted in •

CVE-2023-38337 (rswag): rswag vulnerable to arbitrary JSON and YAML file read via directory traversal

posted in •

CVE-2023-32693 (decidim): Decidim Cross-site Scripting vulnerability in the external link redirections

posted in •

CVE-2023-34089 (decidim): Decidim Cross-site Scripting vulnerability in the processes filter

posted in •

CVE-2023-34090 (decidim): Decidim vulnerable to sensitive data disclosure

posted in •

CVE-2023-1428 (grpc): gRPC Reachable Assertion issue

posted in •

CVE-2023-32732 (grpc): gRPC connection termination issue

posted in •

CVE-2023-36823 (sanitize): Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element content

posted in •

CVE-2023-32731 (grpc): Connection confusion in gRPC

posted in •

CVE-2023-36617 (uri): ReDoS vulnerability in URI

posted in •

CVE-2023-3445 (spina): Spina Cross-site Scripting vulnerability

posted in •

CVE-2020-23064 (jquery-rails): jQuery Cross Site Scripting vulnerability

posted in •

CVE-2023-28362 (actionpack): Possible XSS via User Supplied Values to redirect_to

posted in •

CVE-2023-34246 (doorkeeper): Doorkeeper Improper Authentication vulnerability

posted in •

CVE-2023-31606 (RedCloth): RedCloth Regular Expression Denial of Service issue

posted in •

CVE-2023-34102 (avo): avo possible unsafe reflection / partial DoS vulnerability

posted in •

CVE-2023-34103 (avo): avo vulnerable to Stored XSS (Cross Site Scripting) in html content based fields

posted in •

CVE-2023-30145 (camaleon_cms): Server-Side Template Injection in Camaleon CMS

posted in •

CVE-2024-22047 (audited): Race Condition leading to logging errors

posted in •

GHSA-hjp3-5g2q-7jww (audited): Race Condition leading to logging errors

posted in •

CVE-2022-37454 (sha3): Buffer overflow in sponge queue functions

posted in •

CVE-2023-30618 (kitchen-terraform): Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform

posted in •

CVE-2023-1892 (sidekiq): sidekiq vulnerable to cross-site scripting

posted in •

CVE-2023-30614 (pay): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay

posted in •

CVE-2024-22048 (govuk_tech_docs): govuk_tech_docs vulnerable to unescaped HTML on search results page

posted in •

GHSA-pxvg-2qj5-37jq (nokogiri): Update packaged libxml2 to v2.10.4 to resolve multiple CVEs

posted in •

GHSA-x2xw-hw8g-6773 (govuk_tech_docs): govuk_tech_docs vulnerable to unescaped HTML on search results page

posted in •

CVE-2023-28755 (uri): Ruby URI component ReDoS issue

posted in •

CVE-2023-28756 (time): Ruby Time component ReDos issue

posted in •

GHSA-48wp-p9qv-4j64 (commonmarker): Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service

posted in •

CVE-2023-28846 (unpoly-rails): unpoly-rails Denial of Service vulnerability

posted in •

CVE-2023-28102 (discordrb): GHSL-2022-094: Remote Code Execution in discordrb

posted in •

CVE-2023-23913 (actionview): DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements

posted in •

CVE-2023-27531 (kredis): Possible Deserialization of Untrusted Data Vulnerability in Kredis JSON

posted in •

CVE-2023-27539 (rack): Possible Denial of Service Vulnerability in Rack’s header parsing

posted in •

CVE-2023-28120 (activesupport): Possible XSS Security Vulnerability in SafeBuffer#bytesplice

posted in •

CVE-2023-27530 (rack): Possible DoS Vulnerability in Multipart MIME parsing

posted in •

CVE-2022-36231 (pdf_info): Code injection in pdf_info

posted in •

CVE-2023-25015 (clockwork_web): CSRF Vulnerability with Rails < 5.2

posted in •

CVE-2023-0569 (publify_core): Publify contains Weak Password Requirements

posted in •

CVE-2023-23627 (sanitize): Improper neutralization of `noscript` element content may allow XSS in Sanitize

posted in •

GHSA-636f-xm5j-pj9m (commonmarker): Several quadratic complexity bugs may lead to denial of service in Commonmarker

posted in •

GHSA-q95h-cqrv-8jv5 (exiftool_vendored): ExifTool vulnerable to arbitrary code execution

posted in •

CVE-2022-44566 (activerecord): Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter

posted in •

CVE-2022-44570 (rack): Denial of service via header parsing in Rack

posted in •

CVE-2022-44571 (rack): Denial of Service Vulnerability in Rack Content-Disposition parsing

posted in •

CVE-2022-44572 (rack): Denial of service via multipart parsing in Rack

posted in •

CVE-2023-22792 (actionpack): ReDoS based DoS vulnerability in Action Dispatch

posted in •

CVE-2023-22794 (activerecord): SQL Injection Vulnerability via ActiveRecord comments

posted in •

CVE-2023-22795 (actionpack): ReDoS based DoS vulnerability in Action Dispatch

posted in •

CVE-2023-22796 (activesupport): ReDoS based DoS vulnerability in Active Support’s underscore

posted in •

CVE-2023-22797 (actionpack): Open Redirect Vulnerability in Action Pack

posted in •

CVE-2023-22799 (globalid): ReDoS based DoS vulnerability in GlobalID

posted in •

CVE-2022-47318 (git): Code injection in ruby git

posted in •

CVE-2022-4891 (sisimai): Sisimai Inefficient Regular Expression Complexity vulnerability

posted in •

CVE-2015-10053 (curupira): curupira is vulnerable to SQL injection

posted in •

CVE-2022-1812 (publify_core): Integer overflow in publify_core

posted in •

CVE-2022-2815 (publify_core): Publify Core does not strip metadata from images

posted in •

CVE-2023-0299 (publify_core): Publify Improper Input Validation vulnerability

posted in •

CVE-2020-36644 (inline_svg): Inline SVG vulnerable to Cross-site Scripting

posted in •

CVE-2022-46648 (git): Potential remote code execution in ruby-git

posted in •

CVE-2023-22626 (pghero): Information Disclosure Through EXPLAIN Feature

posted in •

CVE-2024-22049 (httparty): httparty has multipart/form-data request tampering vulnerability

posted in •

GHSA-5pq7-52mg-hr42 (httparty): httparty has multipart/form-data request tampering vulnerability

posted in •

2022

CVE-2017-20159 (keynote): keynote Cross-site Scripting vulnerability

posted in •

CVE-2019-25088 (oxidized-web): Oxidized Web vulnerable to Cross-site Scripting

posted in •

CVE-2020-36624 (text_helpers): text_helpers uses web link to untrusted target with window.opener access

posted in •

CVE-2021-4250 (active_attr): active_attr Improper Resource Shutdown or Release vulnerability

posted in •

CVE-2022-23514 (loofah): Inefficient Regular Expression Complexity in Loofah

posted in •

CVE-2022-23515 (loofah): Improper neutralization of data URIs may allow XSS in Loofah

posted in •

CVE-2022-23516 (loofah): Uncontrolled Recursion in Loofah

posted in •

CVE-2022-23517 (rails-html-sanitizer): Inefficient Regular Expression Complexity in rails-html-sanitizer

posted in •

CVE-2022-23518 (rails-html-sanitizer): Improper neutralization of data URIs may allow XSS in rails-html-sanitizer

posted in •

CVE-2022-23519 (rails-html-sanitizer): Possible XSS vulnerability with certain configurations of rails-html-sanitizer

posted in •

CVE-2022-23520 (rails-html-sanitizer): Possible XSS vulnerability with certain configurations of rails-html-sanitizer

posted in •

CVE-2022-23476 (nokogiri): Unchecked return value from xmlTextReaderExpand

posted in •

CVE-2022-45442 (sinatra): Sinatra vulnerable to Reflected File Download attack

posted in •

CVE-2022-4064 (dalli): Unsanitized input leading to code injection in Dalli

posted in •

CVE-2021-33621 (cgi): HTTP response splitting in CGI

posted in •

CVE-2022-39379 (fluentd): fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)

posted in •

GHSA-2qc6-mcvw-92cw (nokogiri): Update bundled libxml2 to v2.10.3 to resolve multiple CVEs

posted in •

CVE-2022-39281 (fat_free_crm): Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint

posted in •

CVE-2022-3171 (google-protobuf): protobuf-java has a potential Denial of Service issue

posted in •

GHSA-mgvv-5mxp-xq67 (sqlite3): SQLite3 addresses vulnerability in packaged version of libsqlite

posted in •

CVE-2022-39224 (arr-pm): arr-pm vulnerable to arbitrary shell execution when extracting or listing files contained in a malicious rpm

posted in •

GHSA-4qw4-jpp4-8gvp (commonmarker): Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service

posted in •

GHSA-qcqv-38jg-2r43 (pageflow): Pageflow vulnerable to insecure direct object reference in membership update endpoint

posted in •

GHSA-wrrw-crp8-979q (pageflow): Pageflow vulnerable to sensitive user data extraction via Ransack query injection

posted in •

CVE-2022-25765 (pdfkit): PDFKit vulnerable to Command Injection

posted in •

CVE-2020-36599 (omniauth): OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value

posted in •

CVE-2022-35956 (update_by_case): update_by_case before 0.1.3 can be vulnerable to sql injection

posted in •

CVE-2022-31163 (tzinfo): TZInfo relative path traversal vulnerability allows loading of arbitrary files

posted in •

CVE-2020-35305 (gollum): XSS via `filename` parameter to New Page dialog

posted in •

CVE-2022-31160 (jquery-ui-rails): jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label

posted in •

CVE-2022-32224 (activerecord): Possible RCE escalation bug with Serialized Columns in Active Record

posted in •

CVE-2022-31115 (opensearch-ruby): Unsafe YAML deserialization in opensearch-ruby

posted in •

CVE-2021-3779 (ruby-mysql): ruby-mysql Client File Read

posted in •

CVE-2022-30122 (rack): Denial of Service Vulnerability in Rack Multipart Parsing

posted in •

CVE-2022-30123 (rack): Possible shell escape sequence injection vulnerability in Rack

posted in •

CVE-2022-33127 (diffy): Improper handling of double quotes in file name in Diffy in Windows environment

posted in •

CVE-2022-31071 (octopoller): Octopoller gem published with world-writable files

posted in •

CVE-2022-31072 (octokit): Octokit gem published with world-writable files

posted in •

CVE-2022-32209 (rails-html-sanitizer): Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer

posted in •

CVE-2022-31033 (mechanize): Authorization header leak on port redirect in mechanize

posted in •

CVE-2022-32209 (rails-html-sanitizer): Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer

posted in •

CVE-2022-32511 (jmespath): JMESPath for Ruby using JSON.load instead of JSON.parse

posted in •

CVE-2022-31026 (trilogy): Use of Uninitialized Variable in trilogy

posted in •

CVE-2021-33473 (dragonfly): Arbitrary file write in dragonfly

posted in •

CVE-2022-31000 (solidus_backend): CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend

posted in •

CVE-2015-2784 (papercrop): papercrop does not properly handle crop input

posted in •

CVE-2019-10226 (fat_free_crm): Fat Free CRM Cross-site Scripting vulnerability

posted in •

CVE-2019-12408 (red-arrow): Missing Initialization of Resource in Apache Arrow

posted in •

CVE-2019-12410 (red-arrow): Missing Initialization of Resource in Apache Arrow

posted in •

CVE-2019-13118 (nokogiri): libxslt Type Confusion vulnerability that affects Nokogiri

posted in •

CVE-2019-14825 (katello): Katello cleartext password storage issue

posted in •

CVE-2019-16751 (devise_token_auth): Devise Token Auth vulnerable to Cross-site Scripting

posted in •

CVE-2019-17268 (omniauth-weibo-oauth2): omniauth-weibo-oauth2 included a code-execution backdoor inserted by a third-party

posted in •

CVE-2019-18197 (nokogiri): Nokogiri affected by libxslt Use of Uninitialized Resource/ Use After Free vulnerability

posted in •

CVE-2019-5815 (nokogiri): Nokogiri implementation of libxslt vulnerable to heap corruption

posted in •

CVE-2019-7615 (elastic-apm): Elastic APM agent for Ruby vulnerable to Improper Certificate Validation

posted in •

CVE-2020-13353 (gitaly): Gitaly Insufficient Session Expiration vulnerability

posted in •

CVE-2020-7385 (metasploit-framework): Metasploit Framework user exposes Metasploit to same deserialization issue that is exploited by that module

posted in •

CVE-2021-25969 (camaleon_cms): Camaleon CMS Stored Cross-site Scripting vulnerability

posted in •

CVE-2021-25970 (camaleon_cms): Camaleon CMS Insufficient Session Expiration vulnerability

posted in •

CVE-2021-25971 (camaleon_cms): Camaleon CMS vulnerable to Uncaught Exception

posted in •

CVE-2021-25972 (camaleon_cms): Camaleon CMS vulnerable to Server-Side Request Forgery

posted in •

CVE-2021-25974 (publify_core): Cross site scripting in publify

posted in •

CVE-2021-25975 (publify_core): Cross site scripting in publify

posted in •

CVE-2021-3517 (nokogiri): Nokogiri contains libxml Out-of-bounds Write vulnerability

posted in •

CVE-2021-3518 (nokogiri): Nokogiri Implements libxml2 version vulnerable to use-after-free

posted in •

CVE-2021-3537 (nokogiri): Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing

posted in •

CVE-2021-35440 (smashing): Smashing Cross-site Scripting vulnerability

posted in •

CVE-2021-39880 (apollo_upload_server): apollo_upload_server has Denial of Service vulnerability

posted in •

CVE-2022-1810 (publify_core): Improper Access Control in publify

posted in •

CVE-2022-1811 (publify_core): Cross site scripting in publify

posted in •

CVE-2022-29181 (nokogiri): Improper Handling of Unexpected Data Type in Nokogiri

posted in •

CVE-2019-25061 (random_password_generator): Insecure PRNG use in random_password_generator

posted in •

GHSA-cgx6-hpwq-fhv5 (nokogiri): Integer Overflow or Wraparound in libxml2 affects Nokogiri

posted in •

CVE-2012-3503 (katello): Katello uses hard coded credential

posted in •

CVE-2014-0084 (openshift-origin-node): openshift-origin-node Improper Input Validation vulnerability

posted in •

CVE-2017-15364 (ccsv): ccsv Double Free vulnerability

posted in •

CVE-2022-0574 (publify_core): Incorrect Authorization in publify

posted in •

CVE-2022-0578 (publify_core): Code injection in publify

posted in •

CVE-2022-1553 (publify_core): Article metadata exposure in publify

posted in •

CVE-2011-0528 (puppet): Puppet does not properly restrict access to node resources

posted in •

CVE-2011-3869 (puppet): Puppet arbitrary file overwrite

posted in •

CVE-2012-1987 (puppet): Puppet Denial of Service and Arbitrary File Write

posted in •

CVE-2012-1988 (puppet): Puppet Arbitrary Command Execution

posted in •

CVE-2016-3072 (katello): Katello SQL Injection vulnerabilities

posted in •

CVE-2017-10784 (webrick): WEBrick RCE Vulnerability

posted in •

CVE-2017-14033 (openssl): Ruby OpenSSL DoS Vulnerability

posted in •

CVE-2018-0499 (xapian-core): xapian-core Cross-site Scripting vulnerability

posted in •

CVE-2018-1000074 (rubygems-update): RubyGems Deserialization of Untrusted Data vulnerability

posted in •

CVE-2018-1000076 (rubygems-update): RubyGems Improper Verification of Cryptographic Signature vulnerability

posted in •

CVE-2018-1000077 (rubygems-update): RubyGems Improper Input Validation vulnerability

posted in •

CVE-2018-1000078 (rubygems-update): RubyGems Cross-site Scripting vulnerability

posted in •

CVE-2018-1000079 (rubygems-update): RubyGems Path Traversal vulnerability

posted in •

CVE-2018-16887 (katello): katello Cross-site Scripting vulnerability

posted in •

CVE-2017-1000026 (mixlib-archive): mixlib-archive Path Traversal vulnerability

posted in •

CVE-2017-10689 (puppet): Tarball permission preservation in puppet

posted in •

CVE-2017-10906 (fluentd): Fluentd Escape Sequence Injection Vulnerability

posted in •

CVE-2017-14506 (geminabox): Gem in a Box vulnerable to Cross-site Scripting

posted in •

CVE-2017-14683 (geminabox): Gem in a Box vulnerable to Cross-site Request Forgery

posted in •

CVE-2017-16355 (passenger): Phusion Passenger information disclosure

posted in •

CVE-2017-2096 (smalruby): smalruby and smalruby-editor vulnerable to OS Command Injection

posted in •

CVE-2017-2662 (katello): katello Improper Privilege Management vulnerability

posted in •

CVE-2017-2667 (hammer_cli_foreman): hammer_cli_foreman Improper Certificate Validation vulnerability

posted in •

CVE-2018-1000073 (rubygems-update): RubyGems Link Following vulnerability

posted in •

CVE-2018-1000075 (rubygems-update): RubyGems Infinite Loop vulnerability

posted in •

CVE-2018-12615 (passenger): Phusion Passenger incorrect permission assignment

posted in •

CVE-2018-14040 (bootstrap-sass): Bootstrap vulnerable to Cross-Site Scripting (XSS)

posted in •

CVE-2018-14623 (katello): katello SQL Injection vulnerability

posted in •

CVE-2018-18260 (camaleon_cms): Camaleon CMS vulnerable to Stored Cross-site Scripting

posted in •

CVE-2018-18385 (asciidoctor): Asciidoctor Infinite Loop vulnerability

posted in •

CVE-2013-2095 (openshift-origin-controller): RubyGem openshift-origin-controller is vulnerable to command injection

posted in •

CVE-2022-28481 (csv-safe): CSV-Safe improperly filters special characters potentially leading to CSV injection

posted in •

CVE-2022-29970 (sinatra): sinatra does not validate expanded path matches

posted in •

CVE-2010-0156 (puppet): Puppet arbitrary files overwrite via a symlink attack

posted in •

CVE-2007-6612 (mongrel): Mongrel vulnerable to directory traversal via double-encoded sequences

posted in •

CVE-2022-22577 (actionpack): Possible XSS Vulnerability in Action Pack

posted in •

CVE-2022-27311 (gibbon): Server side request forgery in gibbon

posted in •

CVE-2022-27777 (actionview): Possible XSS Vulnerability in Action View tag helpers

posted in •

CVE-2011-1497 (actionpack): Cross site scripting in rails/actionpack < 3.0.6

posted in •

CVE-2022-25648 (git): Command injection in ruby-git

posted in •

CVE-2022-29498 (blazer): SQL injection for certain queries with variables

posted in •

CVE-2018-25032 (nokogiri): Out-of-bounds Write in zlib affects Nokogiri

posted in •

CVE-2022-23437 (nokogiri): XML Injection in Xerces Java affects Nokogiri

posted in •

CVE-2022-24836 (nokogiri): Inefficient Regular Expression Complexity in Nokogiri

posted in •

CVE-2022-24839 (nokogiri): Denial of Service (DoS) in Nokogiri on JRuby

posted in •

CVE-2021-43177 (devise-two-factor): Improper one time password handling in devise-two-factor

posted in •

CVE-2022-24795 (yajl-ruby): Reallocation bug can trigger heap memory corruption

posted in •

CVE-2022-21223 (cocoapods-downloader): Command injection in cocoapods-downloader

posted in •

CVE-2022-24440 (cocoapods-downloader): Command injection in cocoapods-downloader

posted in •

CVE-2022-24803 (asciidoctor-include-ext): Command Injection vulnerability in asciidoctor-include-ext

posted in •

CVE-2022-24790 (puma): HTTP Request Smuggling in puma

posted in •

CVE-2022-0759 (kubeclient): Improper Certificate Validation in kubeclient

posted in •

CVE-2021-3589 (foreman_ansible): Missing Authentication for Critical Function in Foreman Ansible

posted in •

CVE-2022-21831 (activestorage): Possible code injection vulnerability in Rails / Active Storage

posted in •

CVE-2024-22051 (commonmarker): Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption

posted in •

GHSA-fmx4-26r3-wxpf (commonmarker): Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption

posted in •

CVE-2022-24722 (view_component): XSS via `translate` method of `ViewComponent::Translatable` in view_component gem

posted in •

CVE-2022-24720 (image_processing): Remote shell execution vulnerability when applying commands from user input

posted in •

CVE-2021-30560 (nokogiri): Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)

posted in •

CVE-2014-0177 (hub): Hub Package Arbitrary File Overwrite

posted in •

CVE-2022-23633 (actionpack): Possible exposure of information vulnerability in Action Pack

posted in •

CVE-2022-23634 (puma): Information Exposure with Puma when used with Rails

posted in •

CVE-2022-0524 (publify_core): Business Logic Errors in Publify

posted in •

CVE-2022-23837 (sidekiq): Denial of service in sidekiq

posted in •

CVE-2021-22569 (google-protobuf): A potential Denial of Service issue in protobuf-java

posted in •

CVE-2021-43846 (solidus_frontend): CSRF forgery protection bypass in solidus_frontend

posted in •

2021

CVE-2021-43840 (message_bus): Path traversal when MessageBus::Diagnostics is enabled

posted in •

CVE-2021-44528 (actionpack): Possible Open Redirect in Host Authorization Middleware

posted in •

CVE-2021-28680 (devise_masquerade): Improper Privilege Management in devise_masquerade

posted in •

CVE-2021-43809 (bundler): Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile

posted in •

CVE-2021-43805 (solidus_core): ReDos vulnerability on guest checkout email validation

posted in •

CVE-2021-27023 (puppet): Unsafe HTTP Redirect in Puppet Agent and Puppet Server

posted in •

CVE-2021-27025 (puppet): Silent Configuration Failure in Puppet Agent

posted in •

CVE-2021-41816 (cgi): Buffer Overrun in CGI.escape_html

posted in •

CVE-2021-41819 (cgi): Cookie Prefix Spoofing in CGI::Cookie.parse

posted in •

CVE-2021-41274 (solidus_auth_devise): Authentication Bypass by CSRF Weakness

posted in •

CVE-2021-41275 (spree_auth_devise): Authentication Bypass by CSRF Weakness

posted in •

GHSA-5629-8855-gf4g (solidus_core): Authentication Bypass by CSRF Weakness

posted in •

CVE-2021-41263 (rails_multisite): Secure/signed cookies share secrets between sites in a multi-site application

posted in •

CVE-2021-41817 (date): Regular Expression Denial of Service Vulnerability of Date Parsing Methods

posted in •

CVE-2021-25973 (publify_core): Improper Authorization in Publify

posted in •

CVE-2021-41186 (fluentd): ReDoS vulnerability in parser_apache2

posted in •

CVE-2021-41182 (jquery-ui-rails): XSS in the `altField` option of the Datepicker widget in jquery-ui

posted in •

CVE-2021-41183 (jquery-ui-rails): XSS in `*Text` options of the Datepicker widget in jquery-ui

posted in •

CVE-2021-41184 (jquery-ui-rails): XSS in the `of` option of the `.position()` util in jquery-ui

posted in •

CVE-2021-41136 (puma): Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma

posted in •

CVE-2021-30151 (sidekiq): Cross-site Scripting in Sidekiq

posted in •

CVE-2021-33575 (ruby-jss): Remote code execution in ruby-jss

posted in •

CVE-2021-41098 (nokogiri): Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby

posted in •

CVE-2021-23435 (clearance): Open Redirect in clearance

posted in •

CVE-2021-39197 (better_errors): Older releases of better_errors open to Cross-Site Request Forgery attack

posted in •

CVE-2021-22942 (actionpack): Possible Open Redirect in Host Authorization Middleware

posted in •

CVE-2021-28796 (qiita-markdown): Cross-Site Scripting in Qiita::Markdown

posted in •

CVE-2021-28833 (qiita-markdown): XSS in qiita-markdown

posted in •

CVE-2021-32740 (addressable): Regular Expression Denial of Service in Addressable templates

posted in •

CVE-2021-35514 (narou): Code injection in Narou

posted in •

CVE-2021-20259 (foreman_fog_proxmox): Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox

posted in •

CVE-2021-33564 (dragonfly): Remote code execution in Dragonfly

posted in •

CVE-2020-13163 (em-imap): Improper certificate validation in em-imap

posted in •

CVE-2020-13482 (em-http-request): Improper Certificate Validation in EM-HTTP-Request

posted in •

CVE-2020-7659 (reel): HTTP Request Smuggling in reel

posted in •

CVE-2020-7671 (goliath): HTTP Request Smuggling in goliath

posted in •

CVE-2021-32823 (bindata): Potential Denial-of-Service in bindata

posted in •

GHSA-7rrm-v45f-jp64 (nokogiri): Update packaged dependency libxml2 from 2.9.10 to 2.9.12

posted in •

CVE-2021-29509 (puma): Keepalive Connections Causing Denial Of Service in puma

posted in •

CVE-2021-22885 (actionpack): Possible Information Disclosure / Unintended Method Execution in Action Pack

posted in •

CVE-2021-22902 (actionpack): Possible Denial of Service vulnerability in Action Dispatch

posted in •

CVE-2021-22903 (actionpack): Possible Open Redirect Vulnerability in Action Pack

posted in •

CVE-2021-22904 (actionpack): Possible DoS Vulnerability in Action Controller Token Authentication

posted in •

CVE-2021-23383 (handlebars-source): Prototype Pollution in handlebars

posted in •

CVE-2021-31799 (rdoc): RDoc OS command injection vulnerability

posted in •

CVE-2021-31671 (pgsync): Connection security vulnerability with schema sync

posted in •

CVE-2016-11086 (oauth): Improper Certificate Validation in oauth ruby gem

posted in •

CVE-2021-29435 (trestle-auth): Cross-Site Request Forgery (CSRF) in trestle-auth

posted in •

CVE-2020-24393 (tweetstream): Improper Certificate Validation in TweetStream

posted in •

CVE-2020-7942 (puppet): Improper Certificate Validation in Puppet

posted in •

CVE-2021-23369 (handlebars-source): Remote code execution in handlebars when compiling templates

posted in •

CVE-2021-28965 (rexml): XML round-trip vulnerability in REXML

posted in •

CVE-2021-28966 (tmpdir): Path traversal in Tempfile on Windows

posted in •

CVE-2020-24392 (twitter-stream): Improper Certificate Validation in twitter-stream

posted in •

CVE-2021-28834 (kramdown): Remote code execution in Kramdown

posted in •

CVE-2019-25025 (activerecord-session_store): activerecord-session_store Timing Attack

posted in •

CVE-2021-22880 (activerecord): Possible DoS Vulnerability in Active Record PostgreSQL adapter

posted in •

CVE-2021-22881 (actionpack): Possible Open Redirect in Host Authorization Middleware

posted in •

CVE-2021-21288 (carrierwave): Server-side request forgery in CarrierWave

posted in •

CVE-2021-21305 (carrierwave): Code Injection vulnerability in CarrierWave::RMagick

posted in •

CVE-2021-21289 (mechanize): Mechanize ruby gem Command Injection vulnerability

posted in •

CVE-2020-26298 (redcarpet): Injection/XSS in Redcarpet

posted in •

2020

CVE-2020-26247 (nokogiri): Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability

posted in •

CVE-2020-26254 (omniauth-apple): omniauth-apple allows attacker to fake their email address during authentication

posted in •

CVE-2020-26222 (dependabot-omnibus): Remote code execution in dependabot-core branch names when cloning

posted in •

CVE-2020-26223 (spree_api): Authorization bypass in Spree

posted in •

CVE-2020-15240 (omniauth-auth0): Regression in JWT Signature Validation

posted in •

CVE-2020-15269 (spree): Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls

posted in •

CVE-2020-7670 (agoo): HTTP Request Smuggling in Agoo

posted in •

CVE-2020-8264 (actionpack): Possible XSS Vulnerability in Action Pack in Development Mode

posted in •

CVE-2020-15237 (shrine): Possible timing attack in derivation_endpoint

posted in •

CVE-2020-36327 (bundler): Dependency Confusion in Bundler with Implicit Private Dependencies

posted in •

CVE-2020-25613 (webrick): Potential HTTP Request Smuggling Vulnerability in WEBrick

posted in •

GHSA-vp9c-fpxx-744v (personnummer): Validation bypass vulnerability

posted in •

CVE-2020-25739 (gon): Gon gem lack of escaping certain input when outputting as JSON

posted in •

CVE-2020-15169 (actionview): Potential XSS vulnerability in Action View

posted in •

CVE-2012-6708 (jquery-rails): Cross-Site Scripting in jquery

posted in •

CVE-2020-15109 (solidus_frontend): Ability to change order address without triggering address validations in solidus

posted in •

CVE-2020-16252 (field_test): CSRF Vulnerability with Non-Session Based Authentication

posted in •

CVE-2020-16253 (pghero): CSRF Vulnerability with Non-Session Based Authentication

posted in •

CVE-2020-16254 (chartkick): CSS injection with width and height options

posted in •

CVE-2020-15133 (faye-websocket): Missing TLS certificate verification in faye-websocket

posted in •

CVE-2020-15134 (faye): Missing TLS certificate verification

posted in •

CVE-2020-14001 (kramdown): Unintended read access in kramdown gem

posted in •

CVE-2020-8185 (actionpack): Untrusted users able to run pending migrations in production

posted in •

CVE-2020-4054 (sanitize): Cross-site scripting vulnerability via `` or `` element in Sanitize

posted in •

CVE-2020-8184 (rack): Percent-encoded cookies can be used to overwrite existing prefixed cookie names

posted in •

CVE-2020-7663 (websocket-extensions): Regular Expression Denial of Service in websocket-extensions (RubyGem)

posted in •

CVE-2020-11082 (kaminari): Cross-Site Scripting in Kaminari via `original_script_name` parameter

posted in •

CVE-2020-11076 (puma): HTTP Smuggling via Transfer-Encoding Header in Puma

posted in •

CVE-2020-11077 (puma): HTTP Smuggling via Transfer-Encoding Header in Puma

posted in •

CVE-2020-7656 (jquery-rails): Cross-Site Scripting in jquery

posted in •

CVE-2020-8162 (activestorage): Circumvention of file size limits in ActiveStorage

posted in •

CVE-2020-8164 (actionpack): Possible Strong Parameters Bypass in ActionPack

posted in •

CVE-2020-8165 (activesupport): Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore

posted in •

CVE-2020-8166 (actionpack): Ability to forge per-form CSRF tokens given a global CSRF token

posted in •

CVE-2020-8167 (actionview): CSRF Vulnerability in rails-ujs

posted in •

CVE-2020-8163 (actionview): Potential remote code execution of user-provided local names in ActionView

posted in •

CVE-2020-8161 (rack): Directory traversal in Rack::Directory app bundled with Rack

posted in •

CVE-2020-11052 (sorcery): Improper Restriction of Excessive Authentication Attempts in Sorcery

posted in •

CVE-2020-8159 (actionpack-page_caching): Arbitrary file write/potential remote code execution in actionpack-page_caching

posted in •

CVE-2020-8151 (activeresource): activeresource Gem for Ruby lib/active_resource/base.rb element_path Lack of Encoding

posted in •

CVE-2020-10187 (doorkeeper): Doorkeeper application secret information disclosure vulnerability

posted in •

CVE-2015-4411 (bson): Potential denial of service in bson rubygem

posted in •

CVE-2020-11020 (faye): Authentication and extension bypass in Faye

posted in •

CVE-2020-11022 (jquery-rails): Potential XSS vulnerability in jQuery

posted in •

CVE-2020-11023 (jquery-rails): Potential XSS vulnerability in jQuery

posted in •

CVE-2020-10663 (json): json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)

posted in •

CVE-2020-5267 (actionview): Possible XSS vulnerability in ActionView

posted in •

CVE-2020-36190 (rails_admin): rails_admin ruby gem XSS vulnerability

posted in •

CVE-2020-5257 (administrate): Sort order SQL injection via `direction` parameter in administrate

posted in •

CVE-2020-5243 (user_agent_parser): Denial of Service in uap-core when processing crafted User-Agent strings

posted in •

CVE-2020-5249 (puma): HTTP Response Splitting (Early Hints) in Puma

posted in •

CVE-2020-5247 (puma): HTTP Response Splitting vulnerability in puma

posted in •

CVE-2019-10780 (bibtex-ruby): OS command injection in BibTeX-Ruby

posted in •

CVE-2020-7595 (nokogiri): libxml2 2.9.10 has an infinite loop in a certain end-of-file situation

posted in •

CVE-2020-5241 (matestack-ui-core): matestack-ui-core is vulnerable to XSS/Script injection

posted in •

CVE-2020-7981 (geocoder): Geocoder gem for Ruby contains possible SQL injection vulnerability

posted in •

CVE-2020-5216 (secure_headers): secure_headers header injection due to newline

posted in •

CVE-2020-5217 (secure_headers): secure_headers directive injection using semicolon

posted in •

CVE-2014-3211 (publify_core): Publify vulnerable to DoS attack

posted in •

2019

CVE-2019-19919 (bootstrap-wysihtml5-rails): Prototype Pollution in handlebars

posted in •

CVE-2019-16782 (rack): Possible information leak / session hijack vulnerability

posted in •

CVE-2019-16779 (excon): Race condition when using persistent connections

posted in •

CVE-2019-16770 (puma): Keepalive thread overload/DoS in puma

posted in •

CVE-2019-18978 (rack-cors): rack-cors directory traversal via path

posted in •

CVE-2019-18848 (json-jwt): json-jwt improper input validation due to lack of element count when splitting string

posted in •

CVE-2019-18841 (chartkick): Prototype Pollution in Chartkick.js 3.1.x

posted in •

CVE-2019-13117 (nokogiri): Nokogiri gem, via libxslt, is affected by multiple vulnerabilities

posted in •

CVE-2019-18409 (ruby_parser-legacy): ruby_parser-legacy world writable files allow local privilege escalation

posted in •

CVE-2019-15587 (loofah): Loofah XSS Vulnerability

posted in •

CVE-2019-17383 (netaddr): netaddr world-writeable file permissions

posted in •

CVE-2024-22050 (iodine): Malicious URL drafting attack against iodines static file server may allow path traversal

posted in •

GHSA-85rf-xh54-whp3 (iodine): iodine path traversal via malicious URL drafting attack

posted in •

CVE-2019-16676 (simple_form): simple_form Gem for Ruby Incorrect Access Control for forms based on user input

posted in •

CVE-2019-16145 (padrino-contrib): padrino-contrib XSS via caption parameter of breadcrumbs helper

posted in •

CVE-2019-16377 (consul): Consul gem insufficient authentication check - Multiple powers in one controller are not always checked correctly

posted in •

CVE-2019-16892 (rubyzip): Denial of Service in rubyzip ("zip bombs")

posted in •

CVE-2019-16109 (devise): Devise Gem for Ruby confirmation token validation with a blank string

posted in •

CVE-2020-8130 (rake): OS Command Injection in Rake

posted in •

CVE-2018-20975 (fat_free_crm): fat_free_crm XSS via query parameter of tags_helper method

posted in •

CVE-2019-15224 (omniauth_amazon): Code execution backdoor in omniauth_amazon

posted in •

CVE-2019-15224 (rest-client): Code execution backdoor in rest-client

posted in •

CVE-2019-5477 (rexical): Rexical Command Injection Vulnerability

posted in •

CVE-2018-20857 (samlr): samlr XML nodes comment attack

posted in •

CVE-2019-14281 (datagrid): Code execution backdoor in datagrid

posted in •

CVE-2019-14282 (simple_captcha2): Code backdoor in simple_captcha2

posted in •

CVE-2019-1010191 (marginalia): SQL injection vulnerability via Marginalia::Comment

posted in •

CVE-2019-1010306 (slanger): Arbitrary command execution in slanger

posted in •

CVE-2019-13589 (paranoid2): Code backdoor in paranoid2

posted in •

CVE-2019-13574 (mini_magick): Remote command execution via filename

posted in •

CVE-2019-13354 (strong_password): strong_password Ruby gem malicious version causing Remote Code Execution vulnerability

posted in •

CVE-2019-1020001 (yard): Arbitrary path traversal and file access via `yard server`

posted in •

GHSA-xfhh-rx56-rxcr (yard): Possible arbitrary path traversal and file access via `yard server`

posted in •

CVE-2019-13146 (field_test): Arbitrary Variants Via Query Parameters

posted in •

CVE-2019-11027 (ruby-openid): ruby-openid SSRF via claimed_id request

posted in •

CVE-2019-12732 (chartkick): XSS Vulnerability in Chartkick Ruby Gem

posted in •

CVE-2019-11068 (nokogiri): Nokogiri gem, via libxslt, is affected by improper access control vulnerability

posted in •

CVE-2019-11358 (jquery-rails): Prototype pollution attack through jQuery $.extend

posted in •

CVE-2019-16060 (airbrake-ruby): Blacklist keys are no longer being filtered in airbrake-ruby

posted in •

CVE-2019-10842 (bootstrap-sass): Remote code execution in bootstrap-sass

posted in •

CVE-2019-9837 (doorkeeper-openid_connect): Doorkeeper::OpenidConnect Open Redirect

posted in •

CVE-2019-5418 (actionview): File Content Disclosure in Action View

posted in •

CVE-2019-5419 (actionview): Denial of Service Vulnerability in Action View

posted in •

CVE-2019-5420 (railties): Possible Remote Code Execution Exploit in Rails Development Mode

posted in •

CVE-2018-6517 (chloride): Improper handling of ssh known_hosts file with Chloride

posted in •

CVE-2019-8320 (rubygems-update): Delete directory using symlink when decompressing tar

posted in •

CVE-2019-8321 (rubygems-update): Escape sequence injection vulnerability in verbose

posted in •

CVE-2019-8322 (rubygems-update): Escape sequence injection vulnerability in gem owner

posted in •

CVE-2019-8323 (rubygems-update): Escape sequence injection vulnerability in api response handling

posted in •

CVE-2019-8324 (rubygems-update): Installing a malicious gem may lead to arbitrary code execution

posted in •

CVE-2019-8325 (rubygems-update): Escape sequence injection vulnerability in errors

posted in •

CVE-2019-8331 (twitter-bootstrap-rails): twitter-bootstrap-rails vulnerable to Cross-Site Scripting (XSS)

posted in •

CVE-2019-5421 (devise): Devise Gem for Ruby Time-of-check Time-of-use race condition with lockable module

posted in •

CVE-2018-20676 (bootstrap): XSS vulnerability that affects bootstrap

posted in •

CVE-2018-20677 (bootstrap): bootstrap Cross-site Scripting vulnerability

posted in •

2018

CVE-2018-16476 (activejob): Broken Access Control vulnerability in Active Job

posted in •

CVE-2018-16477 (activestorage): Bypass vulnerability in Active Storage

posted in •

CVE-2018-1000855 (easymon): Reflected XSS in Firefox in check endpoint

posted in •

CVE-2018-16470 (rack): Possible DoS vulnerability in Rack

posted in •

CVE-2018-16471 (rack): Possible XSS vulnerability in Rack

posted in •

CVE-2018-16468 (loofah): Loofah XSS Vulnerability

posted in •

CVE-2018-1000842 (fat_free_crm): fat_free_crm gem XSS vulnerability via query parameter

posted in •

CVE-2018-18476 (mysql-binuuid-rails): mysql-binuuid-rails allows SQL Injection by removing default string escaping

posted in •

CVE-2018-16395 (openssl): Incorrect value comparison in Ruby openssl

posted in •

CVE-2018-14404 (nokogiri): Nokogiri gem, via libxml2, is affected by multiple vulnerabilities

posted in •

CVE-2018-17567 (jekyll): Jekyll _config.yml privilege escalation

posted in •

CVE-2018-14643 (smart_proxy_dynflow): smart_proxy_dynflow gem authentication bypass in Foreman remote execution feature

posted in •

CVE-2018-14041 (bootstrap): Bootstrap vulnerable to Cross-Site Scripting (XSS)

posted in •

CVE-2018-14042 (bootstrap): Bootstrap Cross-site Scripting vulnerability

posted in •

CVE-2018-3779 (active-support): Malicious ruby gem - active-support

posted in •

CVE-2018-3777 (restforce): Insufficient URI encoding in restforce

posted in •

CVE-2018-1000211 (doorkeeper): Doorkeeper gem does not revoke token for public clients

posted in •

CVE-2018-14040 (bootstrap): XSS vulnerabilities via data-parent, data-target, data-container in bootstrap

posted in •

CVE-2018-1000201 (ffi): ruby-ffi DDL loading issue on Windows OS

posted in •

CVE-2018-3760 (sprockets): Path Traversal in Sprockets

posted in •

CVE-2018-1000544 (rubyzip): Directory Traversal in rubyzip

posted in •

CVE-2018-12026 (passenger): SpawningKit exploits

posted in •

CVE-2018-12027 (passenger): Insecure Permissions in Phusion Passenger

posted in •

CVE-2018-12028 (passenger): Incorrect Access Control in Phusion Passenger

posted in •

CVE-2018-12029 (passenger): CHMOD race vulnerability

posted in •

CVE-2018-11627 (sinatra): XSS via the 400 Bad Request page

posted in •

CVE-2018-3769 (grape): ruby-grape Gem has XSS via "format" parameter

posted in •

CVE-2018-3759 (private_address_check): private_address_check Ruby Gem Time-of-check Time-of-use race condition

posted in •

CVE-2018-1000539 (json-jwt): Auth tag forgery vulnerability with AES-GCM encrypted JWT

posted in •

CVE-2019-3881 (bundler): Insecure path handling in Bundler

posted in •

CVE-2017-18258 (nokogiri): Moderate severity vulnerability that affects nokogiri

posted in •

CVE-2018-8048 (nokogiri): Revert libxml2 behavior in Nokogiri gem that could cause XSS

posted in •

CVE-2018-3741 (rails-html-sanitizer): XSS vulnerability in rails-html-sanitizer

posted in •

CVE-2018-3740 (sanitize): HTML injection/XSS in Sanitize

posted in •

CVE-2018-8048 (loofah): Loofah XSS Vulnerability

posted in •

CVE-2018-1000119 (rack-protection): rack-protection gem timing attack vulnerability when validating CSRF token

posted in •

CVE-2017-11428 (ruby-saml): Authentication bypass via incorrect XML canonicalization and DOM traversal

posted in •

CVE-2017-11430 (omniauth-saml): omniauth-saml authentication bypass via incorrect XML canonicalization and DOM traversal

posted in •

CVE-2018-1000088 (doorkeeper): Doorkeeper gem has stored XSS on authorization consent view

posted in •

CVE-2018-7261 (radiant): Multiple persistent XSS vulnerabilities in Radiant CMS

posted in •

CVE-2018-7212 (rack-protection): Path traversal is possible via backslash characters on Windows.

posted in •

CVE-2017-15412 (nokogiri): Nokogiri gem, via libxml, is affected by DoS vulnerabilities

posted in •

CVE-2017-16932 (nokogiri): Nokogiri gem, via libxml, is affected by DoS vulnerabilities

posted in •

CVE-2017-0889 (paperclip): Paperclip ruby gem suffers from a Server-Side Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter and Paperclip::HttpUrlProxyAdapter class.

posted in •

CVE-2015-9251 (jquery-rails): Cross-Site Scripting (XSS) in jquery

posted in •

CVE-2016-10707 (jquery-rails): Denial of Service in jquery

posted in •

CVE-2017-12097 (delayed_job_web): delayed_job_web ruby gem XSS vulnerability via `queues` parameter

posted in •

CVE-2017-12098 (rails_admin): rails_admin ruby gem XSS vulnerability

posted in •

CVE-2018-7212 (sinatra): sinatra ruby gem path traversal via backslash characters on Windows

posted in •

CVE-2018-5216 (radiant): Radiant CMS 1.1.4 Markdown admin/pages/*/edit part_body_content cross site scripting

posted in •

2017

CVE-2017-17718 (net-ldap): No validation of hostname certificate in net-ldap

posted in •

CVE-2017-17042 (yard): Potential arbitrary file read vulnerability in yard server

posted in •

CVE-2014-9489 (gollum): gollum and gollum-lib allow remote authenticated users to execute arbitrary code

posted in •

CVE-2017-1000248 (redis-store): Unsafe objects can be loaded from Redis

posted in •

CVE-2017-7475 (cairo): cairo NULL pointer dereference

posted in •

CVE-2017-16792 (geminabox): Stored XSS in "geminabox" via injection in Gemspec "homepage" value

posted in •

CVE-2017-0905 (recurly): SSRF vulnerability in Recurly gem's Resource#find.

posted in •

CVE-2017-0909 (private_address_check): private_address_check Ruby Gem Blacklist Bypass privilege escalation

posted in •

CVE-2017-0904 (private_address_check): private_address_check Ruby Gem Resolv.getaddresses Server-Side Request Forgery

posted in •

CVE-2017-16516 (yajl-ruby): Flaw in yajl-ruby gem may cause a DoS

posted in •

CVE-2017-16229 (ox): ox ruby gem stack overflow in sax_parse

posted in •

CVE-2017-15928 (ox): ox ruby gem segmentation fault via parse_obj

posted in •

CVE-2006-4111 (rails): High severity vulnerability that affects rails

posted in •

CVE-2006-4112 (rails): High severity vulnerability that affects rails.

posted in •

CVE-2007-3227 (rails): Moderate severity vulnerability that affects rails

posted in •

CVE-2007-5379 (rails): Moderate severity vulnerability that affects rails

posted in •

CVE-2007-5380 (rails): Moderate severity vulnerability that affects rails

posted in •

CVE-2007-6077 (rails): Moderate severity vulnerability that affects rails

posted in •

CVE-2008-4094 (activerecord): High severity vulnerability that affects rails

posted in •

CVE-2008-5189 (rails): Moderate severity vulnerability that affects rails

posted in •

CVE-2008-7248 (actionpack): Improper Input Validation in rails

posted in •

CVE-2009-2422 (rails): High severity vulnerability that affects rails

posted in •

CVE-2009-3009 (activesupport): Moderate severity XSS vulnerability that affects rails

posted in •

CVE-2009-3086 (activesupport): actionpack and activesupport vulnerable to information leaks

posted in •

CVE-2009-3287 (thin): High severity vulnerability that affects thin

posted in •

CVE-2009-4214 (rails): Moderate severity XSS vulnerability that affects rails

posted in •

CVE-2010-3933 (activerecord): Security Vulnerability in Nested Attributes code in Ruby On Rails 2.3.9 and 3.0.0

posted in •

CVE-2010-5312 (jquery-ui-rails): Cross-site Scripting in jquery-ui

posted in •

CVE-2011-0446 (actionview): XSS vulnerabilities in the mail_to helper in rails/actionview

posted in •

CVE-2011-0447 (actionpack): CSRF Protection Bypass in Ruby on Rails

posted in •

CVE-2011-0448 (activerecord): Potential SQL Injection with limit in rails/activerecord

posted in •

CVE-2011-0449 (actionpack): Filter Problems on Case-Insensitive Filesystems in rails/actionpack

posted in •

CVE-2011-2197 (activesupport): Potential XSS Vulnerability in Ruby on Rails Applications

posted in •

CVE-2011-2929 (actionpack): Filter Skipping Vulnerability in Ruby on Rails 3.0/actionpack

posted in •

CVE-2011-2930 (activerecord): SQL Injection Vulnerability in quote_table_name in rails/activerecord

posted in •

CVE-2011-2931 (actionpack): XSS Vulnerability in strip_tags helper in rails/actionpack

posted in •

CVE-2011-2932 (activesupport): UTF-8 escaping vulnerability in rails/activesupport

posted in •

CVE-2011-3187 (actionpack): Ruby on rails 3.0.5 Remote_IP.rb Input Validation in rails/actionpack

posted in •

CVE-2011-4319 (actionpack): Cross-site Scripting vulnerability in i18n translations helper method

posted in •

CVE-2012-1989 (puppet): Arbitrary File Write Access in Puppet

posted in •

CVE-2012-2660 (actionpack): Unsafe Query Generation Risk in Ruby on Rails

posted in •

CVE-2012-2694 (actionpack): Unsafe Query Generation Risk in Ruby on Rails

posted in •

CVE-2012-2695 (activerecord): SQL Injection Vulnerability in Ruby on Rails

posted in •

CVE-2012-3408 (puppet): Agent Imprersonation in Puppet

posted in •

CVE-2012-3865 (puppet): Arbitrary file delete/D.O.S on Puppet Master

posted in •

CVE-2012-3866 (puppet): last_run_report.yaml is world readable

posted in •

CVE-2012-3867 (puppet): Insufficient input validation

posted in •

CVE-2012-6662 (jquery-ui-rails): Moderate severity vulnerability that affects jquery-ui

posted in •

CVE-2012-6684 (redcloth): RedCloth Cross-site Scripting vulnerability

posted in •

CVE-2013-1655 (puppet): Unauthenticated Remote Code Execution Vulnerability

posted in •

CVE-2013-1812 (ruby-openid): Vulnerable to XIE DoS attacks

posted in •

CVE-2013-3567 (puppet): Unauthenticated Remote Code Execution Vulnerability

posted in •

CVE-2013-4761 (puppet): Puppet `resource_type` Remote Code Execution Vulnerability

posted in •

CVE-2014-0081 (rails): Rails vulnerable to Cross-site Scripting

posted in •

CVE-2014-3248 (puppet): Moderate severity vulnerability that affects facter, hiera, mcollective-client, and puppet

posted in •

CVE-2016-7798 (openssl): Incorrect handling of initialization vector in the GCM mode in OpenSSL

posted in •

CVE-2017-0903 (rubygems-update): Unsafe Object Deserialization Vulnerability in RubyGems

posted in •

CVE-2017-9050 (nokogiri): Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities

posted in •

CVE-2017-0899 (rubygems-update): RubyGems ANSI escape sequence vulnerability

posted in •

CVE-2017-0900 (rubygems-update): RubyGems DoS vulnerability in the query command

posted in •

CVE-2017-0901 (rubygems-update): RubyGems vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files

posted in •

CVE-2017-0902 (rubygems-update): RubyGems DNS request hijacking vulnerability

posted in •

CVE-2017-16833 (gemirro): Stored XSS in "gemirro" via injection in Gemspec "homepage" value

posted in •

CVE-2016-1000221 (logstash-core): Logstash Logs Sensitive Information

posted in •

CVE-2017-5029 (nokogiri): Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29

posted in •

CVE-2017-1002201 (haml): haml failure to escape single quotes

posted in •

CVE-2017-8418 (rubocop): RuboCop gem Insecure use of /tmp

posted in •

CVE-2017-7540 (safemode): Safemode Gem for Ruby is vulnerable to bypassing safe mode limitations

posted in •

CVE-2016-4658 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

posted in •

CVE-2017-5946 (rubyzip): Directory traversal vulnerability in rubyzip

posted in •

CVE-2017-18076 (omniauth): omniauth leaks authenticity token in callback params

posted in •

2016

CVE-2016-10522 (rails_admin): CSRF vulnerability in rails_admin

posted in •

CVE-2016-10345 (passenger): Predictable tmp File Path Vulnerability in Phusion Passenger

posted in •

CVE-2016-7954 (bundler): Allows an attacker to inject arbitrary code into your application via any secondary Gem source declared in your Gemfile

posted in •

CVE-2016-7103 (jquery-ui-rails): XSS Vulnerability on closeText option of Dialog jQuery UI

posted in •

CVE-2016-10173 (minitar): Minitar Directory Traversal Vulnerability

posted in •

CVE-2016-6582 (doorkeeper): Doorkeeper gem does not revoke tokens & uses wrong auth/auth method

posted in •

CVE-2016-6316 (actionview): Possible XSS Vulnerability in Action View

posted in •

CVE-2016-6317 (activerecord): Unsafe Query Generation Risk in Active Record

posted in •

CVE-2016-10735 (bootstrap): XSS vulnerability via data-target in bootstrap

posted in •

CVE-2016-5697 (ruby-saml): XML signature wrapping attack

posted in •

CVE-2016-10362 (logstash-core): Logstash Logs Sensitive Information

posted in •

CVE-2015-8806 (nokogiri): Denial of service or RCE from libxml2 and libxslt

posted in •

CVE-2016-4442 (rack-mini-profiler): rack-mini-profiler may disclose information to unauthorized users

posted in •

CVE-2016-2785 (puppet): Puppet Improper Access Control

posted in •

CVE-2016-10194 (festivaltts4r): festivaltts4r Gem for Ruby Arbitrary Command Execution

posted in •

CVE-2016-3693 (safemode): Safemode Gem for Ruby is vulnerable to information disclosure

posted in •

CVE-2016-10193 (espeak-ruby): espeak-ruby Gem for Ruby Arbitrary Command Execution

posted in •

CVE-2016-3098 (administrate): Cross-site request forgery (CSRF) vulnerability in administrate gem

posted in •

CVE-2016-2097 (actionview): Possible Information Leak Vulnerability in Action View

posted in •

CVE-2016-2098 (actionpack): Possible remote code execution vulnerability in Action Pack

posted in •

CVE-2015-7576 (actionpack): Timing attack vulnerability in basic authentication in Action Controller.

posted in •

CVE-2015-7577 (activerecord): Nested attributes rejection proc bypass in Active Record

posted in •

CVE-2015-7578 (rails-html-sanitizer): Possible XSS vulnerability in rails-html-sanitizer

posted in •

CVE-2015-7579 (rails-html-sanitizer): XSS vulnerability in rails-html-sanitizer

posted in •

CVE-2015-7580 (rails-html-sanitizer): Possible XSS vulnerability in rails-html-sanitizer

posted in •

CVE-2015-7581 (actionpack): Object leak vulnerability for wildcard controller routes in Action Pack

posted in •

CVE-2016-0751 (actionpack): Possible Object Leak and Denial of Service attack in Action Pack

posted in •

CVE-2016-0752 (actionview): Possible Information Leak Vulnerability in Action View

posted in •

CVE-2016-0753 (activemodel): Possible Input Validation Circumvention in Active Model

posted in •

CVE-2015-7499 (nokogiri): Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2

posted in •

CVE-2015-8314 (devise): Devise Gem for Ruby Unauthorized Access Using Remember Me Cookie

posted in •

CVE-2015-7565 (ember-source): Ember.js XSS Vulnerability with User-Supplied JSON

posted in •

CVE-2017-1000043 (mapbox-rails): mapbox-rails Content Injection via TileJSON Name

posted in •

OSVDB-132871 (mapbox-rails): mapbox-rails Content Injection via TileJSON Name

posted in •

OSVDB-132800 (auto_select2): auto_select2 Gem for Ruby allows arbitrary search execution

posted in •

CVE-2015-7541 (colorscore): colorscore Gem for Ruby lib/colorscore/histogram.rb Arbitrary Command Injection

posted in •

2015

OSVDB-132234 (rack-attack): rack-attack Gem for Ruby missing normalization before request path processing

posted in •

CVE-2015-5312 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2

posted in •

CVE-2015-8969 (git-fastclone): git-fastclone Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2015-8968 (git-fastclone): git-fastclone permits arbitrary shell command execution from .gitmodules

posted in •

CVE-2015-9097 (mail): CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses

posted in •

CVE-2015-7519 (passenger): Phusion Passenger Server allows to overwrite headers in some cases

posted in •

OSVDB-131671 (mustache-js-rails): mustache.js - quoteless attributes in templates can lead to XSS

posted in •

CVE-2017-1000042 (mapbox-rails): mapbox-rails Content Injection via TileJSON attribute

posted in •

OSVDB-129854 (mapbox-rails): mapbox-rails Content Injection via TileJSON attribute

posted in •

CVE-2015-7314 (gollum): gollum Upload File Functionality Permits Arbitrary File Access

posted in •

CVE-2015-7225 (devise-two-factor): devise-two-factor 1.1.0 and earlier vulnerable to replay attacks

posted in •

OSVDB-131671 (handlebars-source): handlebars.js - quoteless attributes in templates can lead to XSS

posted in •

CVE-2015-5619 (logstash-core): Logstash: Man-In-The Middle attack

posted in •

OSVDB-125699 (spree): Spree RABL templates rendering allows Arbitrary Code Execution and File Disclosure

posted in •

CVE-2015-5378 (logstash-core): Logstash: SSL/TLS FREAK Attack

posted in •

CVE-2015-8857 (uglifier): uglifier incorrectly handles non-boolean comparisons during minification

posted in •

OSVDB-126747 (uglifier): uglifier incorrectly handles non-boolean comparisons during minification

posted in •

OSVDB-125701 (spree): Spree RABL templates rendering allows Arbitrary Code Execution and File Disclosure

posted in •

OSVDB-126331 (sidekiq-pro): Sidekiq Pro Gem for Ruby CSRF in Job Filtering

posted in •

CVE-2017-11173 (rack-cors): rack-cors Gem Missing Anchor permits unauthorized CORS requests

posted in •

OSVDB-125675 (sidekiq): Sidekiq Gem for Ruby Multiple Unspecified CSRF

posted in •

OSVDB-124383 (ruby-saml): Ruby-Saml Gem is vulnerable to entity expansion attacks

posted in •

CVE-2015-5147 (redcarpet): redcarpet Gem for Ruby html.c header_anchor() Function Stack Overflow

posted in •

CVE-2015-1840 (jquery-ujs): CSRF Vulnerability in jquery-ujs

posted in •

CVE-2015-3224 (web-console): IP whitelist bypass in Web Console

posted in •

CVE-2015-3225 (rack): Potential Denial of Service Vulnerability in Rack

posted in •

CVE-2015-3226 (activesupport): XSS Vulnerability in ActiveSupport::JSON.encode

posted in •

CVE-2015-3227 (activesupport): Possible Denial of Service attack in Active Support

posted in •

CVE-2015-4619 (spina): Cross-site request forgery (CSRF) vulnerability in Spina gem

posted in •

CVE-2015-4020 (rubygems-update): RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record Hostname Validation Request Hijacking

posted in •

CVE-2015-2963 (paperclip): Paperclip Gem for Ruby vulnerable to content type spoofing

posted in •

CVE-2015-4410 (moped): Data Injection Vulnerability in moped Rubygem

posted in •

CVE-2015-4412 (bson): Data Injection Vulnerability in bson Rubygem

posted in •

OSVDB-125676 (sidekiq): Sidekiq Gem for Ruby web/views/queue.erb Element Reflected XSS

posted in •

CVE-2015-9284 (omniauth): CSRF vulnerability in OmniAuth's request phase

posted in •

CVE-2015-3900 (rubygems-update): CVE-2015-3900 rubygems: DNS hijacking vulnerability in api_endpoint()

posted in •

OSVDB-126329 (sidekiq-pro): Sidekiq Pro Gem for Ruby web/views/batch.erb Class and ErrorMessage Elements Reflected XSS

posted in •

CVE-2015-3649 (open-uri-cached): open-uri-cached Gem for Ruby Unsafe Temporary File Creation Local Privilege Escalation

posted in •

CVE-2015-20108 (ruby-saml): ruby-saml gem is vulnerable to XPath injection

posted in •

CVE-2015-3448 (rest-client): rest-client ruby gem logs sensitive information

posted in •

OSVDB-124991 (ruby-saml): Ruby-Saml Gem is vulnerable to XPath Injection

posted in •

OSVDB-125678 (sidekiq): Sidekiq Gem for Ruby web/views/queue.erb msg.display_class Element XSS

posted in •

OSVDB-120857 (refile): refile Gem for Ruby contains a remote code execution vulnerability

posted in •

CVE-2015-1819 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

posted in •

CVE-2015-1866 (ember-source): Ember.js XSS Vulnerability With {{view "select"}} Options

posted in •

OSVDB-120415 (redcarpet): redcarpet Gem for Ruby markdown.c parse_inline() Function XSS

posted in •

CVE-2015-1820 (rest-client): CVE-2015-1820 rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses

posted in •

CVE-2015-1828 (http): HTTPS MitM vulnerability in http.rb

posted in •

OSVDB-119205 (spree): Spree API Information Disclosure CSRF

posted in •

CVE-2015-2179 (xaviershay-dm-rails): xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

posted in •

CVE-2015-1585 (fat_free_crm): Fat Free CRM Gem being vulnerable to CSRF-type attacks

posted in •

CVE-2015-1426 (facter): Puppet Labs Facter allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node.

posted in •

OSVDB-118830 (doorkeeper): Doorkeeper Gem for Ruby stores sensitive information in production logs

posted in •

OSVDB-117903 (ruby-saml): Ruby-Saml Gem is vulnerable to arbitrary code execution

posted in •

2014

CVE-2014-8144 (doorkeeper): Cross-site request forgery (CSRF) vulnerability in doorkeeper 1.4.0 and earlier.

posted in •

CVE-2014-9490 (sentry-raven): sentry-raven Gem for Ruby contains a flaw that can result in a denial of service

posted in •

CVE-2014-9489 (gollum-grit_adapter): gollum-grit_adapter Search Functionality Allows Arbitrary Command Execution

posted in •

CVE-2014-7829 (actionpack): Arbitrary file existence disclosure in Action Pack

posted in •

CVE-2014-7818 (actionpack): Arbitrary file existence disclosure in Action Pack

posted in •

CVE-2014-7819 (sprockets): CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure

posted in •

OSVDB-126330 (sidekiq-pro): Sidekiq Pro Gem for Ruby web/views/batch{,es}.erb Description Element XSS

posted in •

OSVDB-112346 (web-console): Web Console Gem for Ruby contains an unspecified flaw

posted in •

CVE-2014-10077 (i18n): i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS

posted in •

OSVDB-112683 (as): as Gem for Ruby Process List Local Plaintext Credentials Disclosure

posted in •

OSVDB-110796 (flavour_saver): FlavourSaver handlebars helper remote code execution.

posted in •

OSVDB-110439 (dragonfly): Dragonfly Gem for Ruby Image Uploading & Processing Remote Command Execution

posted in •

CVE-2014-5441 (fat_free_crm): Fat Free CRM Gem contains a javascript cross-site scripting (XSS) vulnerability

posted in •

CVE-2014-3514 (activerecord): Data Injection Vulnerability in Active Record

posted in •

CVE-2013-0334 (bundler): CVE-2013-0334 rubygem-bundler: 'bundle install' may install a gem from a source other than expected

posted in •

CVE-2014-5004 (brbackup): brbackup Gem for Ruby Process List Local Plaintext Password Disclosure

posted in •

OSVDB-108899 (brbackup): brbackup Gem for Ruby /lib/brbackup.rb name Parameter SQL Injection

posted in •

OSVDB-108900 (brbackup): brbackup Gem for Ruby dbuser Variable Shell Metacharacter Injection Remote Command Execution

posted in •

CVE-2014-3482 (activerecord): CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting

posted in •

CVE-2014-3483 (activerecord): CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting

posted in •

CVE-2014-10075 (karo): karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

posted in •

CVE-2014-4991 (codders-dataset): codders-dataset Gem for Ruby lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb Process Table Local Plaintext Credential Disclosure

posted in •

CVE-2014-4992 (cap-strap): cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure

posted in •

CVE-2014-4993 (backup_checksum): backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Process List Local Plaintext Password Disclosure

posted in •

CVE-2014-4994 (gyazo): gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

posted in •

CVE-2014-4995 (VladTheEnterprising): VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

posted in •

CVE-2014-4996 (VladTheEnterprising): VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

posted in •

CVE-2014-4997 (point-cli): point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

posted in •

CVE-2014-4998 (lean-ruport): lean-ruport Gem for Ruby /test/tc_database.rb Process Table Local Plaintext MySQL Password Disclosure

posted in •

CVE-2014-4999 (kajam): kajam Gem for Ruby /dataset/lib/dataset/database/postgresql.rb Process List Local Plaintext Password Disclosure

posted in •

CVE-2014-5000 (lawn-login): lawn-login Gem for Ruby /lib/lawn.rb Process Table Local Plaintext Password Disclosure

posted in •

CVE-2014-5001 (kcapifony): kcapifony Gem for Ruby /lib/ksymfony1.rb Process List Local Plaintext Password Disclosure

posted in •

CVE-2014-5002 (lynx): lynx Gem for Ruby command/basic.rb Process Table Local Plaintext Password Disclosure

posted in •

CVE-2014-5003 (ciborg): ciborg Gem for Ruby default.rb /tmp/perlbrew-installer Local Symlink File Overwrite

posted in •

OSVDB-108530 (kajam): kajam Gem for Ruby /dataset/lib/dataset/database/postgresql.rb Metacharacter Handling Remote Command Execution

posted in •

OSVDB-108570 (backup_checksum): backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Metacharacter Handling Remote Command Execution

posted in •

OSVDB-108572 (kcapifony): kcapifony Gem for Ruby /lib/ksymfony1.rb Metacharacter Handling Remote Command Execution

posted in •

OSVDB-108573 (karo): karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

posted in •

OSVDB-108575 (cap-strap): cap-strap Gem for Ruby Hardcoded Password Crypt Hash Salt Weakness

posted in •

OSVDB-108579 (lynx): lynx Gem for Ruby lib/lynx/pipe/run.rb Remote Command Execution

posted in •

OSVDB-108585 (lingq): lingq Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

posted in •

OSVDB-108593 (kompanee-recipes): kompanee-recipes Gem for Ruby /lib/kompanee-recipes/heroku.rb Multiple Variable Handling Remote Command Execution Weakness

posted in •

OSVDB-108594 (gnms): gnms Gem for Ruby /lib/cmd_parse.rb ip Variable Shell Metacharacter Handling Remote Command Injection

posted in •

OSVDB-107783 (screen_capture): Screen Capture Gem for Ruby screen_capture.rb URL Handling Arbitrary Command Execution

posted in •

CVE-2014-0130 (actionpack): Directory Traversal Vulnerability With Certain Route Configurations

posted in •

OSVDB-118481 (nokogiri): Nokogiri Gem for JRuby XML Document Root Element Handling Memory Consumption Remote DoS

posted in •

OSVDB-106279 (jruby-sandbox): jruby-sandbox Java Class Importation Sandbox Bypass

posted in •

CVE-2014-2888 (sfpagent): sfpagent Gem for Ruby JSON[body] Module Name Remote Command Execution

posted in •

CVE-2014-0156 (awesome_spawn): OS command injection flaw in awesome_spawn

posted in •

CVE-2014-4920 (twitter-bootstrap-rails): Reflective XSS Vulnerability in twitter-bootstrap-rails

posted in •

CVE-2014-0135 (kafo): CVE-2014-0135 rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml

posted in •

CVE-2014-2322 (Arabic-Prawn): Arabic Prawn Gem for Ruby lib/string_utf_support.rb User Input Handling Remote Command Injection

posted in •

CVE-2014-0036 (rbovirt): CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client

posted in •

CVE-2014-0080 (activerecord): CVE-2014-0080 rubygem-activerecord: PostgreSQL array data injection vulnerability

posted in •

CVE-2014-0081 (actionpack): CVE-2014-0081 rubygem-actionpack: number_to_currency, number_to_percentage and number_to_human XSS vulnerability

posted in •

CVE-2014-0082 (actionpack): CVE-2014-0082 rubygem-actionpack: Action View string handling denial of service

posted in •

CVE-2014-0083 (net-ldap): CVE-2014-0083 rubygem-net-ldap: SSHA passwords generated by the net-ldap Ruby gem use a weak salt

posted in •

CVE-2014-0046 (ember-source): Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form

posted in •

OSVDB-103151 (paperclip): Paperclip: Access Restriction Bypass

posted in •

CVE-2014-1832 (passenger): CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files

posted in •

CVE-2014-1831 (passenger): CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files

posted in •

CVE-2014-0013 (ember-source): Ember.js Potential XSS Exploit With User-Supplied Data When Binding Primitive Values

posted in •

CVE-2014-0014 (ember-source): Ember.js Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper

posted in •

CVE-2014-1834 (echor): echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution

posted in •

CVE-2014-1835 (echor): echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

posted in •

CVE-2014-1234 (paratrooper-newrelic): Paratrooper-newrelic Gem for Ruby Process Listing API Key Local Disclosure

posted in •

2013

OSVDB-101577 (flukso4r): flukso4r Gem for Ruby /lib/flukso/R.rb Arbitrary Command Execution

posted in •

CVE-2014-1233 (paratrooper-pingdom): paratrooper-pingdom Gem for Ruby /lib/paratrooper-pingdom.rb API Login Credentials Local Disclosure

posted in •

CVE-2013-7222 (fat_free_crm): Fat Free CRM Gem for Ruby lack of support for cycling the Rails session secret

posted in •

CVE-2013-7223 (fat_free_crm): Fat Free CRM Gem for Ruby contains multiple cross-site request forgery (CSRF) vulnerabilities

posted in •

CVE-2013-7224 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive informations

posted in •

CVE-2013-7225 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to inject or manipulate SQL queries

posted in •

CVE-2013-7249 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive informations

posted in •

CVE-2013-6460 (nokogiri): CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents

posted in •

CVE-2013-6461 (nokogiri): CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities

posted in •

CVE-2013-7111 (bio-basespace-sdk): Bio Basespace SDK Gem for Ruby Command Line API Key Disclosure

posted in •

CVE-2013-7086 (webbynode): Webbynode Gem for Ruby notify.rb growlnotify Message Handling Arbitrary Command Execution

posted in •

CVE-2013-4491 (actionpack): Reflective XSS Vulnerability in Ruby on Rails

posted in •

CVE-2013-4492 (i18n): i18n missing translation error message XSS

posted in •

CVE-2013-6414 (actionpack): Denial of Service Vulnerability in Action View

posted in •

CVE-2013-6415 (actionpack): XSS Vulnerability in number_to_currency

posted in •

CVE-2013-6416 (actionpack): XSS Vulnerability in simple_format helper

posted in •

CVE-2013-6417 (actionpack): Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)

posted in •

CVE-2013-6421 (sprout): sprout Gem for Ruby archive_unpacker.rb unpack_zip() Function Multiple Parameter Arbitrary Code Execution

posted in •

CVE-2013-4593 (omniauth-facebook): omniauth-facebook Gem for Ruby Insecure Access Token Handling Authentication Bypass

posted in •

CVE-2013-4562 (omniauth-facebook): omniauth-facebook Gem for Ruby Unspecified CSRF

posted in •

CVE-2013-4489 (gitlab-grit): GitLab Grit Gem for Ruby contains a flaw

posted in •

CVE-2013-4478 (sup): Sup wrongly handled the filename of attachments

posted in •

CVE-2013-4479 (sup): Sup did not sanitize the content-type of attachments

posted in •

CVE-2013-4457 (cocaine): Cocaine Gem for Ruby contains a flaw

posted in •

CVE-2013-4389 (actionmailer): CVE-2013-4389 rubygem-actionmailer: email address processing DoS

posted in •

CVE-2013-4413 (wicked): Wicked Gem for Ruby contains a flaw

posted in •

CVE-2013-7463 (aescrypt): Vulnerability in aescrypt because IV is not randomized

posted in •

CVE-2013-4363 (rubygems-update): CVE-2013-4363 rubygems: version regex algorithmic complexity vulnerability, incomplete CVE-2013-4287 fix

posted in •

CVE-2013-6459 (will_paginate): CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities

posted in •

CVE-2013-4287 (rubygems-update): CVE-2013-4287 rubygems: version regex algorithmic complexity vulnerability

posted in •

CVE-2013-5671 (fog-dragonfly): fog-dragonfly Gem for Ruby imagemagickutils.rb Remote Command Execution

posted in •

CVE-2013-4318 (features): Features Gem for Ruby /tmp/out.html Local XSS

posted in •

CVE-2013-5647 (sounder): Sounder Gem for Ruby File Name Handling Arbitrary Command Execution

posted in •

OSVDB-96425 (redis-namespace): redis-namespace Gem for Ruby contains a flaw in the method_missing implementation

posted in •

CVE-2013-4203 (rgpg): rgpg Gem for Ruby lib/rgpg/gpg_helper.rb Remote Command Execution

posted in •

OSVDB-114435 (devise): CSRF token fixation attacks in Devise

posted in •

CVE-2013-4170 (ember-source): Ember.js Potential XSS Exploit When Binding `tagName` to User-Supplied Data

posted in •

CVE-2014-2538 (rack-ssl): CVE-2014-2538 rubygem rack-ssl: URL error display XSS

posted in •

OSVDB-94679 (enum_column3): enum_column3 Gem for Ruby Symbol Creation Remote DoS

posted in •

CVE-2013-4136 (passenger): CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due toreuse of existing server instance directories

posted in •

CVE-2013-2119 (passenger): CVE-2013-2119 rubygem-passenger: incorrect temporary file usage

posted in •

CVE-2013-2105 (show_in_browser): Show In Browser Gem for Ruby /tmp/browser.html Arbitrary Script Injection

posted in •

CVE-2013-2090 (cremefraiche): Creme Fraiche Gem for Ruby File Name Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1948 (md2pdf): md2pdf Gem for Ruby md2pdf/converter.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1933 (karteek-docsplit): Karteek Docsplit Gem for Ruby text_extractor.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1947 (kelredd-pruview): kelredd-pruview Gem for Ruby /lib/pruview/document.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1911 (ldoce): ldoce Gem for Ruby MP3 URL Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1898 (thumbshooter): Thumbshooter Gem for Ruby thumbshooter.rb URL Shell Metacharacter Injection Arbitrary Command Execution

posted in •

CVE-2013-1854 (activerecord): CVE-2013-1854 rubygem-activerecord: attribute_dos Symbol DoS vulnerability

posted in •

CVE-2013-1855 (actionpack): CVE-2013-1855 rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css

posted in •

CVE-2013-1856 (activesupport): XML Parsing Vulnerability affecting JRuby users

posted in •

CVE-2013-1857 (actionpack): CVE-2013-1857 rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails

posted in •

CVE-2013-1875 (command_wrap): command_wrap Gem for Ruby URI Handling Arbitrary Command Injection

posted in •

CVE-2013-2615 (fastreader): fastreader Gem for Ruby URI Handling Arbitrary Command Injection

posted in •

CVE-2013-2616 (mini_magick): MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection

posted in •

CVE-2013-2617 (curl): CVE-2013-2617 rubygem-curl: insufficient URL escaping command injection

posted in •

CVE-2013-2513 (flash_tool): flash_tool Gem for Ruby File Download Handling Arbitrary Command Execution

posted in •

CVE-2013-2512 (ftpd): ftpd Gem for Ruby Shell Character Handling Remote Command Injection

posted in •

CVE-2013-2516 (fileutils): fileutils Gem for Ruby file_utils.rb Crafted URL Handling Remote Command Execution

posted in •

OSVDB-114854 (activerecord-jdbc-adapter): ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

posted in •

CVE-2013-0162 (ruby_parser): CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage

posted in •

CVE-2013-1607 (pdfkit): PDFKit Gem for Ruby PDF File Generation Parameter Handling Remote Code Execution

posted in •

CVE-2013-1656 (spree): Spree controller Parameter Arbitrary Ruby Object Instantiation Command Execution

posted in •

CVE-2013-2506 (spree_auth_devise): Spree app/models/spree/user.rb Mass Role Assignment Remote Privilege Escalation

posted in •

CVE-2013-1756 (fog-dragonfly): Dragonfly Gem for Ruby Crafted Request Parsing Remote Code Execution

posted in •

CVE-2013-0269 (json): CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection

posted in •

OSVDB-115090 (bundler): Bundler Gem for Ruby Missing SSL Certificate Validation MitM Spoofing

posted in •

OSVDB-115091 (bundler): Bundler Gem for Ruby Redirection Remote HTTP Basic Authentication Credential Disclosure

posted in •

CVE-2013-0276 (activerecord): CVE-2013-0276 rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected

posted in •

CVE-2013-0277 (activerecord): CVE-2013-0277 rubygem-activerecord: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0

posted in •

CVE-2013-0262 (rack): CVE-2013-0262 rubygem-rack: Path sanitization information disclosure

posted in •

CVE-2013-0263 (rack): CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions

posted in •

CVE-2013-0256 (rdoc): CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

posted in •

CVE-2013-0233 (devise): Devise Database Type Conversion Crafted Request Parsing Security Bypass

posted in •

CVE-2013-0333 (activesupport): CVE-2013-0333 rubygem-activesupport: json to yaml parsing

posted in •

CVE-2013-1801 (httparty): httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

posted in •

CVE-2013-0184 (rack): CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS

posted in •

CVE-2013-0175 (multi_xml): multi_xml Gem for Ruby XML Parameter Parsing Remote Command Execution

posted in •

CVE-2013-0285 (nori): Ruby Gem nori Parameter Parsing Remote Code Execution

posted in •

CVE-2013-1800 (crack): CVE-2013-1800 rubygem-crack: YAML parameter parsing vulnerability

posted in •

CVE-2013-0155 (activerecord): CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails

posted in •

CVE-2013-0156 (actionpack): CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack

posted in •

CVE-2013-1802 (extlib): extlib Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

posted in •

CVE-2013-0183 (rack): CVE-2013-0183 rubygem-rack: receiving excessively long lines triggers out-of-memory error

posted in •

2012

CVE-2012-6496 (activerecord): Ruby on Rails find_by_* Methods Authlogic SQL Injection Bypass

posted in •

CVE-2012-6497 (authlogic): Ruby on Rails Authlogic Gem secret_token.rb Known secret_token Value Weakness

posted in •

CVE-2013-0284 (newrelic_rpm): Ruby on Rails newrelic_rpm Gem Discloses Sensitive Information

posted in •

CVE-2012-5604 (ldap_fluff): CVE-2012-5604 rubygem-ldap_fluff: CloudForms authentication bypass when handling anonymous LDAP bind

posted in •

CVE-2012-2125 (rubygems-update): CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

posted in •

CVE-2012-6134 (omniauth-oauth2): Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability

posted in •

OSVDB-90945 (loofah): Loofah HTML and XSS injection vulnerability

posted in •

CVE-2012-3463 (actionpack): CVE-2012-3463 rubygem-actionpack: potential XSS vulnerability in select_tag prompt

posted in •

CVE-2012-3464 (activesupport): CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability

posted in •

CVE-2012-3465 (actionpack): CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

posted in •

CVE-2010-5142 (chef): Chef Improper Access Control Vulnerability

posted in •

CVE-2012-3424 (actionpack): CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

posted in •

OSVDB-125712 (spree): Product Scopes could allow for unauthenticated remote command execution

posted in •

OSVDB-125713 (spree): Potential XSS vulnerability related to the analytics dashboard

posted in •

CVE-2012-6685 (nokogiri): CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

posted in •

CVE-2012-2671 (rack-cache): rack-cache Rubygem Sensitive HTTP Header Caching Weakness

posted in •

CVE-2012-2660 (activerecord): CVE-2012-2660 rubygem-actionpack: Unsafe query generation

posted in •

CVE-2012-2661 (activerecord): CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters

posted in •

CVE-2012-1053 (puppet): Puppet Privilege Escallation

posted in •

CVE-2012-1906 (puppet): Puppet uses predictable filenames, allowing arbitrary file overwrite

posted in •

OSVDB-96396 (activemodel): Don't allow confirmation to pass if confirmation value is nil and doesn't match value.

posted in •

CVE-2012-6109 (rack): CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS

posted in •

CVE-2012-2126 (rubygems-update): CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

posted in •

CVE-2012-2139 (mail): CVE-2012-2139 rubygem-mail: directory traversal

posted in •

CVE-2012-2140 (mail): CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

posted in •

CVE-2012-1098 (activesupport): CVE-2012-1098 rubygem-activesupport: XSS in SafeBuffer#[] (unescaped safe buffers can be marked as safe)

posted in •

CVE-2012-1099 (actionpack): CVE-2012-1099 rubygem-actionpack: XSS in the "select" helper

posted in •

CVE-2012-6684 (RedCloth): CVE-2012-6684 rubygem-RedCloth: XSS vulnerability

posted in •

CVE-2012-6135 (passenger): Phusion Passenger Gem for Ruby Arbitrary File Deletion

posted in •

2011

CVE-2011-5036 (rack): CVE-2011-5036 rubygem-rack: hash table collisions DoS (oCERT-2011-003)

posted in •

CVE-2011-4319 (actionpack): XSS vulnerability in the translate helper method in Ruby on Rails

posted in •

CVE-2011-3870 (puppet): Puppet allows local users to modify the permissions of arbitrary files

posted in •

CVE-2011-3871 (puppet): Puppet uses predictable filenames, allowing arbitrary file overwrite

posted in •

OSVDB-76011 (spree): Spree Search ProductScope Class search[send][] Parameter Arbitrary Command Execution

posted in •

OSVDB-115917 (bundler): Bundler Gem for Ruby install Command Process Listing Local Plaintext Credential Disclosure

posted in •

CVE-2011-4969 (jquery-rails): jQuery vulnerable to Cross-Site Scripting (XSS)

posted in •

OSVDB-97854 (fog-dragonfly): Dragonfly Gem for Ruby on Windows Shell Escaping Weakness

posted in •

CVE-2011-3186 (actionpack): Response Splitting Vulnerability in Ruby on Rails

posted in •

CVE-2011-0995 (sqlite3-ruby): rubygem-sqlite3 gem uses weak file permissions

posted in •

OSVDB-73751 (spree): Spree Content Controller Unspecified Arbitrary File Disclosure

posted in •

CVE-2011-0739 (mail): Mail Gem for Ruby lib/mail/network/delivery_methods/sendmail.rb Email From: Address Arbitrary Shell Command Injection

posted in •

OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

posted in •

2010

CVE-2010-3978 (spree): Spree Multiple Script JSON Request Validation Weakness Remote Information Disclosure

posted in •

OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

posted in •

OSVDB-110439 (fog-dragonfly): Dragonfly Gem for Ruby Image Uploading & Processing Remote Command Execution

posted in •

OSVDB-62067 (bcrypt): bcrypt-ruby Gem for Ruby incorrect encoding of non US-ASCII characters (JRuby only)

posted in •

2009

CVE-2009-4123 (jruby-openssl): jruby-openssl Gem for JRuby fails to do proper certificate validation

posted in •

CVE-2009-2422 (rails): High Security Vulnerability with authenticate_with_http_digest of Rails

posted in •

2008

CVE-2008-4310 (webrick): WEBrick Denial of Service Vulnerability

posted in •

OSVDB-95376 (activerecord-oracle_enhanced-adapter): Oracle "enhanced" ActiveRecord Gem for Ruby :limit / :offset SQL Injection

posted in •

CVE-2008-7310 (spree): Spree Hash Restriction Weakness URL Parsing Order State Value Manipulation

posted in •

OSVDB-95749 (activeresource): activeresource Gem for Ruby lib/active_resource/connection.rb request Function Multiple Variable Format String

posted in •

CVE-2008-7311 (spree): Spree Hardcoded config.action_controller_session Hash Value Cryptographic Protection Weakness

posted in •

2007

CVE-2007-6183 (gtk2): CVE-2007-6183 ruby-gnome2: format string vulnerability

posted in •

OSVDB-95668 (builder): Builder Gem for Ruby Tag Name Handling Private Method Exposure

posted in •

OSVDB-101157 (json): json Gem for Ruby Data Handling Stack Buffer Overflow

posted in •

CVE-2007-0469 (rubygems-update): CVE-2007-0469 RubyGems: Specially-crafted Gem archive can overwrite system files

posted in •

2006

CVE-2006-2581 (rwiki): RWiki before 2.1.1 has cross-site scripting vulnerability

posted in •

CVE-2006-2582 (rwiki): High severity vulnerability that affects rwiki

posted in •