RubySec

Providing security resources for the Ruby community

2007

CVE-2007-0469 (rubygems-update): CVE-2007-0469 RubyGems: Specially-crafted Gem archive can overwrite system files

OSVDB-101157 (json): json Gem for Ruby Data Handling Stack Buffer Overflow

OSVDB-95668 (builder): Builder Gem for Ruby Tag Name Handling Private Method Exposure

CVE-2007-6183 (gtk2): CVE-2007-6183 ruby-gnome2: format string vulnerability

2008

CVE-2008-7311 (spree): Spree Hardcoded config.action_controller_session Hash Value Cryptographic Protection Weakness

OSVDB-95749 (activeresource): activeresource Gem for Ruby lib/active_resource/connection.rb request Function Multiple Variable Format String

CVE-2008-7310 (spree): Spree Hash Restriction Weakness URL Parsing Order State Value Manipulation

OSVDB-95376 (activerecord-oracle_enhanced-adapter): Oracle "enhanced" ActiveRecord Gem for Ruby :limit / :offset SQL Injection

2009

CVE-2009-4123 (jruby-openssl): jruby-openssl Gem for JRuby fails to do proper certificate validation

2010

OSVDB-62067 (bcrypt): bcrypt-ruby Gem for Ruby incorrect encoding of non US-ASCII characters (JRuby only)

OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

CVE-2010-3978 (spree): Spree Multiple Script JSON Request Validation Weakness Remote Information Disclosure

2011

OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

CVE-2011-0739 (mail): Mail Gem for Ruby lib/mail/network/delivery_methods/sendmail.rb Email From: Address Arbitrary Shell Command Injection

OSVDB-73751 (spree): Spree Content Controller Unspecified Arbitrary File Disclosure

CVE-2011-3186 (actionpack): Response Splitting Vulnerability in Ruby on Rails

OSVDB-97854 (fog-dragonfly): Dragonfly Gem for Ruby on Windows Shell Escaping Weakness

OSVDB-115917 (bundler): Bundler Gem for Ruby install Command Process Listing Local Plaintext Credential Disclosure

OSVDB-76011 (spree): Spree Search ProductScope Class search[send][] Parameter Arbitrary Command Execution

CVE-2011-4319 (actionpack): XSS vulnerability in the translate helper method in Ruby on Rails

CVE-2011-5036 (rack): CVE-2011-5036 rubygem-rack: hash table collisions DoS (oCERT-2011-003)

2012

CVE-2012-6135 (passenger): Phusion Passenger Gem for Ruby Arbitrary File Deletion

CVE-2012-6684 (RedCloth): CVE-2012-6684 rubygem-RedCloth: XSS vulnerability

CVE-2012-1098 (activesupport): CVE-2012-1098 rubygem-activesupport: XSS in SafeBuffer#[] (unescaped safe buffers can be marked as safe)

CVE-2012-1099 (actionpack): CVE-2012-1099 rubygem-actionpack: XSS in the 'select' helper

CVE-2012-2139 (mail): CVE-2012-2139 rubygem-mail: directory traversal

CVE-2012-2140 (mail): CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

CVE-2012-2126 (rubygems-update): CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

CVE-2012-6109 (rack): CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS

CVE-2012-2660 (activerecord): CVE-2012-2660 rubygem-actionpack: Unsafe query generation

CVE-2012-2661 (activerecord): CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query parameters

CVE-2012-2671 (rack-cache): rack-cache Rubygem Sensitive HTTP Header Caching Weakness

CVE-2012-6685 (nokogiri): CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

OSVDB-125712 (spree): Product Scopes could allow for unauthenticated remote command execution

OSVDB-125713 (spree): Potential XSS vulnerability related to the analytics dashboard

CVE-2012-3424 (actionpack): CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

CVE-2012-3463 (actionpack): CVE-2012-3463 rubygem-actionpack: potential XSS vulnerability in select_tag prompt

CVE-2012-3464 (activesupport): CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability

CVE-2012-3465 (actionpack): CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

CVE-2012-6134 (omniauth-oauth2): Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability

OSVDB-90945 (loofah): Loofah HTML and XSS injection vulnerability

CVE-2012-2125 (rubygems-update): CVE-2012-2125 CVE-2012-2126 rubygems: Two security fixes in v1.8.23

CVE-2012-5604 (ldap_fluff): CVE-2012-5604 rubygem-ldap_fluff: CloudForms authentication bypass when handling anonymous LDAP bind

CVE-2013-0284 (newrelic_rpm): Ruby on Rails newrelic_rpm Gem Discloses Sensitive Information

CVE-2012-6497 (authlogic): Ruby on Rails Authlogic Gem secret_token.rb Known secret_token Value Weakness

CVE-2012-6496 (activerecord): Ruby on Rails find_by_* Methods Authlogic SQL Injection Bypass

2013

CVE-2013-0183 (rack): CVE-2013-0183 rubygem-rack: receiving excessively long lines triggers out-of-memory error

CVE-2013-0155 (activerecord): CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails

CVE-2013-0156 (actionpack): CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack

CVE-2013-1802 (extlib): extlib Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

CVE-2013-1800 (crack): CVE-2013-1800 rubygem-crack: YAML parameter parsing vulnerability

CVE-2013-0285 (nori): Ruby Gem nori Parameter Parsing Remote Code Execution

CVE-2013-0175 (multi_xml): multi_xml Gem for Ruby XML Parameter Parsing Remote Command Execution

CVE-2013-0184 (rack): CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS

CVE-2013-1801 (httparty): httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

CVE-2013-0233 (devise): Devise Database Type Conversion Crafted Request Parsing Security Bypass

CVE-2013-0333 (activesupport): CVE-2013-0333 rubygem-activesupport: json to yaml parsing

CVE-2013-0256 (rdoc): CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

CVE-2013-0262 (rack): CVE-2013-0262 rubygem-rack: Path sanitization information disclosure

CVE-2013-0263 (rack): CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions

CVE-2013-0276 (activerecord): CVE-2013-0276 rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected

CVE-2013-0277 (activerecord): CVE-2013-0277 rubygem-activerecord: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0

CVE-2013-0269 (json): CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection

OSVDB-115090 (bundler): Bundler Gem for Ruby Missing SSL Certificate Validation MitM Spoofing

OSVDB-115091 (bundler): Bundler Gem for Ruby Redirection Remote HTTP Basic Authentication Credential Disclosure

CVE-2013-1756 (fog-dragonfly): Dragonfly Gem for Ruby Crafted Request Parsing Remote Code Execution

CVE-2013-0162 (ruby_parser): CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage

CVE-2013-1607 (pdfkit): PDFKit Gem for Ruby PDF File Generation Parameter Handling Remote Code Execution

CVE-2013-1656 (spree): Spree promotion_rules_controller.rb promotion_rule Parameter Arbitrary Ruby Object Instantiation Command Execution

CVE-2013-2506 (spree_auth_devise): Spree app/models/spree/user.rb Mass Role Assignment Remote Privilege Escalation

OSVDB-114854 (activerecord-jdbc-adapter): ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

CVE-2013-2512 (ftpd): ftpd Gem for Ruby Shell Character Handling Remote Command Injection

CVE-2013-2516 (fileutils): fileutils Gem for Ruby file_utils.rb Crafted URL Handling Remote Command Execution

CVE-2013-2513 (flash_tool): flash_tool Gem for Ruby File Download Handling Arbitrary Command Execution

CVE-2013-2616 (mini_magick): MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection

CVE-2013-2617 (curl): CVE-2013-2617 rubygem-curl: insufficient URL escaping command injection

CVE-2013-2615 (fastreader): fastreader Gem for Ruby URI Handling Arbitrary Command Injection

CVE-2013-1875 (command_wrap): command_wrap Gem for Ruby URI Handling Arbitrary Command Injection

CVE-2013-1854 (activerecord): CVE-2013-1854 rubygem-activerecord: attribute_dos Symbol DoS vulnerability

CVE-2013-1855 (actionpack): CVE-2013-1855 rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css

CVE-2013-1856 (activesupport): XML Parsing Vulnerability affecting JRuby users

CVE-2013-1857 (actionpack): CVE-2013-1857 rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails

CVE-2013-1898 (thumbshooter): Thumbshooter Gem for Ruby thumbshooter.rb URL Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-1911 (ldoce): ldoce Gem for Ruby MP3 URL Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-1947 (kelredd-pruview): kelredd-pruview Gem for Ruby /lib/pruview/document.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-1933 (karteek-docsplit): Karteek Docsplit Gem for Ruby text_extractor.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-1948 (md2pdf): md2pdf Gem for Ruby md2pdf/converter.rb File Name Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-2090 (cremefraiche): Creme Fraiche Gem for Ruby File Name Shell Metacharacter Injection Arbitrary Command Execution

CVE-2013-2105 (show_in_browser): Show In Browser Gem for Ruby /tmp/browser.html Arbitrary Script Injection

CVE-2013-2119 (passenger): CVE-2013-2119 rubygem-passenger: incorrect temporary file usage

CVE-2013-4136 (passenger): CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories

OSVDB-94679 (enum_column3): enum_column3 Gem for Ruby Symbol Creation Remote DoS

CVE-2014-2538 (rack-ssl): CVE-2014-2538 rubygem rack-ssl: URL error display XSS

CVE-2013-4170 (ember-source): Ember.js Potential XSS Exploit When Binding `tagName` to User-Supplied Data

CVE-2013-4203 (rgpg): rgpg Gem for Ruby lib/rgpg/gpg_helper.rb Remote Command Execution

OSVDB-114435 (devise): CSRF token fixation attacks in Devise

OSVDB-96425 (redis-namespace): redis-namespace Gem for Ruby contains a flaw in the method_missing implementation

CVE-2013-5647 (sounder): Sounder Gem for Ruby File Name Handling Arbitrary Command Execution

CVE-2013-4318 (features): Features Gem for Ruby /tmp/out.html Local XSS

CVE-2013-5671 (fog-dragonfly): fog-dragonfly Gem for Ruby imagemagickutils.rb Remote Command Execution

CVE-2013-4287 (rubygems-update): CVE-2013-4287 rubygems: version regex algorithmic complexity vulnerability

CVE-2013-6459 (will_paginate): CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities

CVE-2013-4363 (rubygems-update): CVE-2013-4363 rubygems: version regex algorithmic complexity vulnerability, incomplete CVE-2013-4287 fix

CVE-2013-7463 (aescrypt): Vulnerability in aescrypt because IV is not randomized

CVE-2013-4413 (wicked): Wicked Gem for Ruby contains a flaw

CVE-2013-4389 (actionmailer): CVE-2013-4389 rubygem-actionmailer: email address processing DoS

CVE-2013-4457 (cocaine): Cocaine Gem for Ruby contains a flaw

CVE-2013-4478 (sup): Sup MUA Email Attachment Content Type Handling Arbitrary Command Execution

CVE-2013-4479 (sup): Sup MUA Email Attachment Content Type Handling Arbitrary Command Execution

CVE-2013-4489 (gitlab-grit): GitLab Grit Gem for Ruby contains a flaw

CVE-2013-4562 (omniauth-facebook): omniauth-facebook Gem for Ruby Unspecified CSRF

CVE-2013-4593 (omniauth-facebook): omniauth-facebook Gem for Ruby Insecure Access Token Handling Authentication Bypass

CVE-2013-6421 (sprout): sprout Gem for Ruby archive_unpacker.rb unpack_zip() Function Multiple Parameter Arbitrary Code Execution

CVE-2013-4491 (actionpack): Reflective XSS Vulnerability in Ruby on Rails

CVE-2013-4492 (i18n): i18n missing translation error message XSS

CVE-2013-6414 (actionpack): Denial of Service Vulnerability in Action View

CVE-2013-6415 (actionpack): XSS Vulnerability in number_to_currency

CVE-2013-6416 (actionpack): XSS Vulnerability in simple_format helper

CVE-2013-6417 (actionpack): Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)

CVE-2013-7086 (webbynode): Webbynode Gem for Ruby notify.rb growlnotify Message Handling Arbitrary Command Execution

CVE-2013-6460 (nokogiri): CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents

CVE-2013-6461 (nokogiri): CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities

CVE-2013-7111 (bio-basespace-sdk): Bio Basespace SDK Gem for Ruby Command Line API Key Disclosure

CVE-2013-7222 (fat_free_crm): Fat Free CRM Gem for Ruby lack of support for cycling the Rails session secret

CVE-2013-7223 (fat_free_crm): Fat Free CRM Gem for Ruby contains multiple cross-site request forgery (CSRF) vulnerabilities

CVE-2013-7224 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive information

CVE-2013-7225 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to inject or manipulate SQL queries

CVE-2013-7249 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive information

CVE-2014-1233 (paratrooper-pingdom): paratrooper-pingdom Gem for Ruby /lib/paratrooper-pingdom.rb API Login Credentials Local Disclosure

OSVDB-101577 (flukso4r): flukso4r Gem for Ruby /lib/flukso/R.rb Arbitrary Command Execution

2014

CVE-2014-1234 (paratrooper-newrelic): Paratrooper-newrelic Gem for Ruby Process Listing API Key Local Disclosure

CVE-2014-0013 (ember-source): Ember.js Potential XSS Exploit With User-Supplied Data When Binding Primitive Values

CVE-2014-0014 (ember-source): Ember.js Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper

CVE-2014-1834 (echor): echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution

CVE-2014-1835 (echor): echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

CVE-2014-1831 (passenger): CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files

CVE-2014-1832 (passenger): CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files

OSVDB-103151 (paperclip): Paperclip Gem for Ruby contains a flaw

CVE-2014-0046 (ember-source): Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form

CVE-2014-0083 (net-ldap): CVE-2014-0083 rubygem-net-ldap: SSHA passwords generated by the net-ldap Ruby gem use a weak salt

CVE-2014-0080 (activerecord): CVE-2014-0080 rubygem-activerecord: PostgreSQL array data injection vulnerability

CVE-2014-0081 (actionpack): CVE-2014-0081 rubygem-actionpack: number_to_currency, number_to_percentage and number_to_human XSS vulnerability

CVE-2014-0082 (actionpack): CVE-2014-0082 rubygem-actionpack: Action View string handling denial of service

CVE-2014-0036 (rbovirt): CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client

CVE-2014-2322 (Arabic-Prawn): Arabic Prawn Gem for Ruby lib/string_utf_support.rb User Input Handling Remote Command Injection

CVE-2014-0135 (kafo): CVE-2014-0135 rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml

CVE-2014-4920 (twitter-bootstrap-rails): Reflective XSS Vulnerability in twitter-bootstrap-rails

CVE-2014-0156 (awesome_spawn): OS command injection flaw in awesome_spawn

CVE-2014-2888 (sfpagent): sfpagent Gem for Ruby JSON[body] Module Name Remote Command Execution

OSVDB-106279 (jruby-sandbox): jruby-sandbox Java Class Importation Sandbox Bypass

OSVDB-118481 (nokogiri): Nokogiri Gem for JRuby XML Document Root Element Handling Memory Consumption Remote DoS

CVE-2014-0130 (actionpack): Directory Traversal Vulnerability With Certain Route Configurations

OSVDB-107783 (screen_capture): Screen Capture Gem for Ruby screen_capture.rb URL Handling Arbitrary Command Execution

CVE-2014-4991 (codders-dataset): codders-dataset Gem for Ruby lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb Process Table Local Plaintext Credential Disclosure

CVE-2014-4992 (cap-strap): cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure

CVE-2014-4993 (backup_checksum): backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Process List Local Plaintext Password Disclosure

CVE-2014-4994 (gyazo): gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

CVE-2014-4995 (VladTheEnterprising): VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

CVE-2014-4996 (VladTheEnterprising): VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

CVE-2014-4997 (point-cli): point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

CVE-2014-4998 (lean-ruport): lean-ruport Gem for Ruby /test/tc_database.rb Process Table Local Plaintext MySQL Password Disclosure

CVE-2014-4999 (kajam): kajam Gem for Ruby /dataset/lib/dataset/database/postgresql.rb Process List Local Plaintext Password Disclosure

CVE-2014-5000 (lawn-login): lawn-login Gem for Ruby /lib/lawn.rb Process Table Local Plaintext Password Disclosure

CVE-2014-5001 (kcapifony): kcapifony Gem for Ruby /lib/ksymfony1.rb Process List Local Plaintext Password Disclosure

CVE-2014-5002 (lynx): lynx Gem for Ruby command/basic.rb Process Table Local Plaintext Password Disclosure

CVE-2014-5003 (ciborg): ciborg Gem for Ruby default.rb /tmp/perlbrew-installer Local Symlink File Overwrite

OSVDB-108530 (kajam): kajam Gem for Ruby /dataset/lib/dataset/database/postgresql.rb Metacharacter Handling Remote Command Execution

OSVDB-108570 (backup_checksum): backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Metacharacter Handling Remote Command Execution

OSVDB-108572 (kcapifony): kcapifony Gem for Ruby /lib/ksymfony1.rb Metacharacter Handling Remote Command Execution

OSVDB-108573 (karo): karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

OSVDB-108575 (cap-strap): cap-strap Gem for Ruby Hardcoded Password Crypt Hash Salt Weakness

OSVDB-108579 (lynx): lynx Gem for Ruby lib/lynx/pipe/run.rb Remote Command Execution

OSVDB-108585 (lingq): lingq Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

OSVDB-108593 (kompanee-recipes): kompanee-recipes Gem for Ruby /lib/kompanee-recipes/heroku.rb Multiple Variable Handling Remote Command Execution Weakness

OSVDB-108594 (gnms): gnms Gem for Ruby /lib/cmd_parse.rb ip Variable Shell Metacharacter Handling Remote Command Injection

CVE-2014-3482 (activerecord): CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting

CVE-2014-3483 (activerecord): CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting

CVE-2014-5004 (brbackup): brbackup Gem for Ruby Process List Local Plaintext Password Disclosure

OSVDB-108899 (brbackup): brbackup Gem for Ruby /lib/brbackup.rb name Parameter SQL Injection

OSVDB-108900 (brbackup): brbackup Gem for Ruby dbuser Variable Shell Metacharacter Injection Remote Command Execution

CVE-2013-0334 (bundler): CVE-2013-0334 rubygem-bundler: 'bundle install' may install a gem from a source other than expected

CVE-2014-3514 (activerecord): Data Injection Vulnerability in Active Record

CVE-2014-5441 (fat_free_crm): Fat Free CRM Gem contains a javascript cross-site scripting (XSS) vulnerability

OSVDB-110439 (fog-dragonfly): Dragonfly Gem for Ruby Image Uploading & Processing Remote Command Execution

OSVDB-110796 (flavour_saver): FlavourSaver handlebars helper remote code execution.

OSVDB-112683 (as): as Gem for Ruby Process List Local Plaintext Credentials Disclosure

CVE-2014-10077 (i18n): i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS

OSVDB-112346 (web-console): Web Console Gem for Ruby contains an unspecified flaw

OSVDB-126330 (sidekiq-pro): Sidekiq Pro Gem for Ruby web/views/batch{,es}.erb Description Element XSS

CVE-2014-7818 (actionpack): Arbitrary file existence disclosure in Action Pack

CVE-2014-7819 (sprockets): CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure

CVE-2014-7829 (actionpack): Arbitrary file existence disclosure in Action Pack

CVE-2014-9489 (gollum-grit_adapter): gollum-grit_adapter Search Functionality Allows Arbitrary Command Execution

CVE-2014-9490 (sentry-raven): sentry-raven Gem for Ruby contains a flaw that can result in a denial of service

CVE-2014-8144 (doorkeeper): Cross-site request forgery (CSRF) vulnerability in doorkeeper 1.4.0 and earlier.

2015

OSVDB-117903 (ruby-saml): Ruby-Saml Gem is vulnerable to arbitrary code execution

OSVDB-118830 (doorkeeper): Doorkeeper Gem for Ruby stores sensitive information in production logs

CVE-2015-1585 (fat_free_crm): Fat Free CRM Gem being vulnerable to CSRF-type attacks

CVE-2015-2179 (xaviershay-dm-rails): xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

OSVDB-119205 (spree): Spree API Information Disclosure CSRF

CVE-2015-1820 (rest-client): CVE-2015-1820 rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses

CVE-2015-1828 (http): HTTPS MitM vulnerability in http.rb

OSVDB-120415 (redcarpet): redcarpet Gem for Ruby markdown.c parse_inline() Function XSS

CVE-2015-1819 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

CVE-2015-1866 (ember-source): Ember.js XSS Vulnerability With {{view "select"}} Options

OSVDB-120857 (refile): refile Gem for Ruby contains a remote code execution vulnerability

OSVDB-125678 (sidekiq): Sidekiq Gem for Ruby web/views/queue.erb msg.display_class Element XSS

CVE-2015-3448 (rest-client): rest-client ruby gem logs sensitive information

OSVDB-124991 (ruby-saml): Ruby-Saml Gem is vulnerable to XPath Injection

CVE-2015-3649 (open-uri-cached): open-uri-cached Gem for Ruby Unsafe Temporary File Creation Local Privilege Escalation

OSVDB-126329 (sidekiq-pro): Sidekiq Pro Gem for Ruby web/views/batch.erb Class and ErrorMessage Elements Reflected XSS

CVE-2015-3900 (rubygems-update): CVE-2015-3900 rubygems: DNS hijacking vulnerability in api_endpoint()

CVE-2015-9284 (omniauth): CSRF vulnerability in OmniAuth's request phase

CVE-2015-4410 (moped): Data Injection Vulnerability in moped Rubygem

CVE-2015-4412 (bson): Data Injection Vulnerability in bson Rubygem

OSVDB-125676 (sidekiq): Sidekiq Gem for Ruby web/views/queue.erb CurrentMessagesInQueue Element Reflected XSS

CVE-2015-2963 (paperclip): Paperclip Gem for Ruby vulnerable to content type spoofing

CVE-2015-4020 (rubygems-update): RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record Hostname Validation Request Hijacking

CVE-2015-1840 (jquery-ujs): CSRF Vulnerability in jquery-ujs

CVE-2015-3224 (web-console): IP whitelist bypass in Web Console

CVE-2015-3225 (rack): Potential Denial of Service Vulnerability in Rack

CVE-2015-3226 (activesupport): XSS Vulnerability in ActiveSupport::JSON.encode

CVE-2015-3227 (activesupport): Possible Denial of Service attack in Active Support

CVE-2015-4619 (spina): Cross-site request forgery (CSRF) vulnerability in Spina gem

CVE-2015-5147 (redcarpet): redcarpet Gem for Ruby html.c header_anchor() Function Stack Overflow

OSVDB-124383 (ruby-saml): Ruby-Saml Gem is vulnerable to entity expansion attacks

OSVDB-125675 (sidekiq): Sidekiq Gem for Ruby Multiple Unspecified CSRF

CVE-2017-11173 (rack-cors): rack-cors Gem Missing Anchor permits unauthorized CORS requests

OSVDB-126331 (sidekiq-pro): Sidekiq Pro Gem for Ruby CSRF in Job Filtering

OSVDB-125701 (spree): Spree RABL templates rendering allows Arbitrary Code Execution and File Disclosure

OSVDB-126747 (uglifier): uglifier incorrectly handles non-boolean comparisons during minification

OSVDB-125699 (spree): Spree RABL templates rendering allows Arbitrary Code Execution and File Disclosure

OSVDB-131671 (handlebars-source): handlebars.js - quoteless attributes in templates can lead to XSS

CVE-2015-7225 (devise-two-factor): devise-two-factor 1.1.0 and earlier vulnerable to replay attacks

CVE-2015-7314 (gollum): gollum Upload File Functionality Permits Arbitrary File Access

OSVDB-129854 (mapbox-rails): mapbox-rails Content Injection via TileJSON attribute

OSVDB-131671 (mustache-js-rails): mustache.js - quoteless attributes in templates can lead to XSS

CVE-2015-7519 (passenger): Phusion Passenger Server allows to overwrite headers in some cases

CVE-2015-9097 (mail): CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses

CVE-2015-8968 (git-fastclone): git-fastclone permits arbitrary shell command execution from .gitmodules

CVE-2015-5312 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2

CVE-2015-8969 (git-fastclone): git-fastclone Shell Metacharacter Injection Arbitrary Command Execution

OSVDB-132234 (rack-attack): rack-attack Gem for Ruby missing normalization before request path processing

2016

CVE-2015-7541 (colorscore): colorscore Gem for Ruby lib/colorscore/histogram.rb Arbitrary Command Injection

OSVDB-132800 (auto_select2): auto_select2 Gem for Ruby allows arbitrary search execution

OSVDB-132871 (mapbox-rails): mapbox-rails Content Injection via TileJSON Name

CVE-2015-7565 (ember-source): Ember.js XSS Vulnerability with User-Supplied JSON

CVE-2015-8314 (devise): Devise Gem for Ruby Unauthorized Access Using Remember Me Cookie

CVE-2015-7499 (nokogiri): Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2

CVE-2015-7576 (actionpack): Timing attack vulnerability in basic authentication in Action Controller.

CVE-2015-7577 (activerecord): Nested attributes rejection proc bypass in Active Record

CVE-2015-7578 (rails-html-sanitizer): Possible XSS vulnerability in rails-html-sanitizer

CVE-2015-7579 (rails-html-sanitizer): XSS vulnerability in rails-html-sanitizer

CVE-2015-7580 (rails-html-sanitizer): Possible XSS vulnerability in rails-html-sanitizer

CVE-2015-7581 (actionpack): Object leak vulnerability for wildcard controller routes in Action Pack

CVE-2016-0751 (actionpack): Possible Object Leak and Denial of Service attack in Action Pack

CVE-2016-0752 (actionview): Possible Information Leak Vulnerability in Action View

CVE-2016-0753 (activemodel): Possible Input Validation Circumvention in Active Model

CVE-2016-2097 (actionview): Possible Information Leak Vulnerability in Action View

CVE-2016-2098 (actionpack): Possible remote code execution vulnerability in Action Pack

CVE-2016-3098 (administrate): Cross-site request forgery (CSRF) vulnerability in administrate gem

CVE-2016-10193 (espeak-ruby): espeak-ruby Gem for Ruby Arbitrary Command Execution

CVE-2016-3693 (safemode): Safemode Gem for Ruby is vulnerable to information disclosure

CVE-2016-10194 (festivaltts4r): festivaltts4r Gem for Ruby Arbitrary Command Execution

CVE-2016-4442 (rack-mini-profiler): rack-mini-profiler may disclose information to unauthorized users

CVE-2015-8806 (nokogiri): Denial of service or RCE from libxml2 and libxslt

CVE-2016-5697 (ruby-saml): XML signature wrapping attack

CVE-2016-10735 (bootstrap): XSS vulnerability via data-target in bootstrap

CVE-2016-6316 (actionview): Possible XSS Vulnerability in Action View

CVE-2016-6317 (activerecord): Unsafe Query Generation Risk in Active Record

CVE-2016-6582 (doorkeeper): Doorkeeper gem does not revoke tokens & uses wrong auth/auth method

CVE-2016-10173 (minitar): Minitar Directory Traversal Vulnerability

CVE-2016-7103 (jquery-ui-rails): XSS Vulnerability on closeText option of Dialog jQuery UI

CVE-2016-10345 (passenger): Predictable tmp File Path Vulnerability in Phusion Passenger

CVE-2016-10522 (rails_admin): CSRF vulnerability in rails_admin

2017

CVE-2017-18076 (omniauth): omniauth leaks authenticity token in callback params

CVE-2017-5946 (rubyzip): Directory traversal vulnerability in rubyzip

CVE-2016-4658 (nokogiri): Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

CVE-2017-7540 (safemode): Safemode Gem for Ruby is vulnerable to bypassing safe mode limitations

CVE-2017-8418 (rubocop): RuboCop gem Insecure use of /tmp

CVE-2017-1002201 (haml): haml failure to escape single quotes

CVE-2017-5029 (nokogiri): Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29

CVE-2017-16833 (gemirro): Stored XSS in "gemirro" via injection in Gemspec "homepage" value

CVE-2017-0899 (rubygems-update): RubyGems ANSI escape sequence vulnerability

CVE-2017-0900 (rubygems-update): RubyGems DoS vulnerability in the query command

CVE-2017-0901 (rubygems-update): RubyGems vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files

CVE-2017-0902 (rubygems-update): RubyGems DNS request hijacking vulnerability

CVE-2017-9050 (nokogiri): Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities

CVE-2017-0903 (rubygems-update): Unsafe Object Deserialization Vulnerability in RubyGems

CVE-2016-7798 (openssl): Incorrect handling of initialization vector in the GCM mode in OpenSSL

CVE-2017-15928 (ox): ox ruby gem segmentation fault via parse_obj

CVE-2017-16229 (ox): ox ruby gem stack overflow in sax_parse

CVE-2017-16516 (yajl-ruby): Flaw in yajl-ruby gem may cause a DoS

CVE-2017-0904 (private_address_check): private_address_check Ruby Gem Resolv.getaddresses Server-Side Request Forgery

CVE-2017-0905 (recurly): SSRF vulnerability in Recurly gem's Resource#find.

CVE-2017-0909 (private_address_check): private_address_check Ruby Gem Blacklist Bypass privilege escalation

CVE-2017-16792 (geminabox): Stored XSS in "geminabox" via injection in Gemspec "homepage" value

CVE-2017-7475 (cairo): cairo NULL pointer dereference

CVE-2017-1000248 (redis-store): Unsafe objects can be loaded from Redis

CVE-2017-17042 (yard): Potential arbitrary file read vulnerability in yard server

CVE-2017-17718 (net-ldap): No validation of hostname certificate in net-ldap

2018

CVE-2018-5216 (radiant): Radiant CMS 1.1.4 Markdown admin/pages/*/edit part_body_content cross site scripting

CVE-2018-7212 (sinatra): sinatra ruby gem path traversal via backslash characters on Windows

CVE-2017-12097 (delayed_job_web): delayed_job_web ruby gem XSS vulnerability via `queues` parameter

CVE-2017-12098 (rails_admin): rails_admin ruby gem XSS vulnerability

CVE-2017-0889 (paperclip): Paperclip ruby gem suffers from a Server-Side Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter and Paperclip::HttpUrlProxyAdapter class.

CVE-2017-15412 (nokogiri): Nokogiri gem, via libxml, is affected by DoS vulnerabilities

CVE-2017-16932 (nokogiri): Nokogiri gem, via libxml, is affected by DoS vulnerabilities

CVE-2018-7212 (rack-protection): Path traversal is possible via backslash characters on Windows.

CVE-2018-7261 (radiant): Multiple persistent XSS vulnerabilities in Radiant CMS

CVE-2018-1000088 (doorkeeper): Doorkeeper gem has stored XSS on authorization consent view

CVE-2017-11428 (ruby-saml): Authentication bypass via incorrect XML canonicalization and DOM traversal

CVE-2017-11430 (omniauth-saml): omniauth-saml authentication bypass via incorrect XML canonicalization and DOM traversal

CVE-2018-1000119 (rack-protection): rack-protection gem timing attack vulnerability when validating CSRF token

CVE-2018-8048 (loofah): Loofah XSS Vulnerability

CVE-2018-3740 (sanitize): HTML injection/XSS in Sanitize

CVE-2018-3741 (rails-html-sanitizer): XSS vulnerability in rails-html-sanitizer

CVE-2018-8048 (nokogiri): Revert libxml2 behavior in Nokogiri gem that could cause XSS

CVE-2019-3881 (bundler): Insecure path handling in Bundler

CVE-2018-1000539 (json-jwt): Auth tag forgery vulnerability with AES-GCM encrypted JWT

CVE-2018-3759 (private_address_check): private_address_check Ruby Gem Time-of-check Time-of-use race condition

CVE-2018-3769 (grape): ruby-grape Gem has XSS via "format" parameter

CVE-2018-11627 (sinatra): XSS via the 400 Bad Request page

CVE-2018-12026 (passenger): SpawningKit exploits

CVE-2018-12029 (passenger): CHMOD race vulnerability

CVE-2018-1000544 (rubyzip): Directory Traversal in rubyzip

CVE-2018-3760 (sprockets): Path Traversal in Sprockets

CVE-2018-1000201 (ffi): ruby-ffi DLL loading issue on Windows OS

CVE-2018-14040 (bootstrap): XSS vulnerabilities via data-parent, data-target, data-container in bootstrap

CVE-2018-1000211 (doorkeeper): Doorkeeper gem does not revoke token for public clients

CVE-2018-3777 (restforce): Insufficient URI encoding in restforce

CVE-2018-3779 (active-support): Malicious ruby gem - active-support

CVE-2018-14643 (smart_proxy_dynflow): smart_proxy_dynflow gem authentication bypass in Foreman remote execution feature

CVE-2018-17567 (jekyll): Jekyll _config.yml privilege escalation

CVE-2018-14404 (nokogiri): Nokogiri gem, via libxml2, is affected by multiple vulnerabilities

CVE-2018-18476 (mysql-binuuid-rails): mysql-binuuid-rails allows SQL Injection by removing default string escaping

CVE-2018-1000842 (fat_free_crm): fat_free_crm gem XSS vulnerability via query parameter

CVE-2018-16468 (loofah): Loofah XSS Vulnerability

CVE-2018-16470 (rack): Possible DoS vulnerability in Rack

CVE-2018-16471 (rack): Possible XSS vulnerability in Rack

CVE-2018-1000855 (easymon): Reflected XSS in Firefox in check endpoint

CVE-2018-16476 (activejob): Broken Access Control vulnerability in Active Job

CVE-2018-16477 (activestorage): Bypass vulnerability in Active Storage

2019

CVE-2019-5421 (devise): Devise Gem for Ruby Time-of-check Time-of-use race condition with lockable module

CVE-2019-8331 (bootstrap): XSS vulnerability in bootstrap

CVE-2019-8320 (rubygems-update): Delete directory using symlink when decompressing tar

CVE-2019-8321 (rubygems-update): Escape sequence injection vulnerability in verbose

CVE-2019-8322 (rubygems-update): Escape sequence injection vulnerability in gem owner

CVE-2019-8323 (rubygems-update): Escape sequence injection vulnerability in api response handling

CVE-2019-8324 (rubygems-update): Installing a malicious gem may lead to arbitrary code execution

CVE-2019-8325 (rubygems-update): Escape sequence injection vulnerability in errors

CVE-2018-6517 (chloride): Improper handling of ssh known_hosts file with Chloride

CVE-2019-5418 (actionview): File Content Disclosure in Action View

CVE-2019-5419 (actionview): Denial of Service Vulnerability in Action View

CVE-2019-5420 (railties): Possible Remote Code Execution Exploit in Rails Development Mode

CVE-2019-9837 (doorkeeper-openid_connect): Doorkeeper::OpenidConnect Open Redirect

CVE-2019-10842 (bootstrap-sass): Remote code execution in bootstrap-sass

CVE-2019-16060 (airbrake-ruby): Blacklist keys are no longer being filtered in airbrake-ruby

CVE-2019-11358 (jquery-rails): Prototype pollution attack through jQuery $.extend

CVE-2019-11068 (nokogiri): Nokogiri gem, via libxslt, is affected by improper access control vulnerability

CVE-2019-12732 (chartkick): XSS Vulnerability in Chartkick Ruby Gem

CVE-2019-11027 (ruby-openid): ruby-openid SSRF via claimed_id request

CVE-2019-13146 (field_test): Arbitrary Variants Via Query Parameters

CVE-2019-1020001 (yard): Arbitrary path traversal and file access via `yard server`

GHSA-xfhh-rx56-rxcr (yard): Possible arbitrary path traversal and file access via `yard server`

CVE-2019-13354 (strong_password): strong_password Ruby gem malicious version causing Remote Code Execution vulnerability

CVE-2019-13574 (mini_magick): Remote command execution via filename

CVE-2019-1010306 (slanger): Arbitrary command execution in slanger

CVE-2019-13589 (paranoid2): Code backdoor in paranoid2

CVE-2019-1010191 (marginalia): SQL injection vulnerability via Marginalia::Comment

CVE-2018-20857 (samlr): samlr XML nodes comment attack

CVE-2019-14281 (datagrid): Code execution backdoor in datagrid

CVE-2019-14282 (simple_captcha2): Code backdoor in simple_captcha2

CVE-2019-5477 (rexical): Rexical Command Injection Vulnerability

CVE-2019-15224 (rest-client): Code execution backdoor in rest-client

CVE-2019-15224 (omniauth_amazon): Code execution backdoor in omniauth_amazon

CVE-2018-20975 (fat_free_crm): fat_free_crm XSS via query parameter of tags_helper method

CVE-2020-8130 (rake): OS Command Injection in Rake

CVE-2019-16109 (devise): Devise Gem for Ruby confirmation token validation with a blank string

CVE-2019-16892 (rubyzip): Denial of Service in rubyzip ("zip bombs")

CVE-2019-16145 (padrino-contrib): padrino-contrib XSS via caption parameter of breadcrumbs helper

CVE-2019-16377 (consul): Consul gem insufficient authentication check - Multiple powers in one controller are not always checked correctly

CVE-2019-16676 (simple_form): simple_form Gem for Ruby Incorrect Access Control for forms based on user input

GHSA-85rf-xh54-whp3 (iodine): iodine path traversal via malicious URL drafting attack

CVE-2019-17383 (netaddr): netaddr world-writeable file permissions

CVE-2019-15587 (loofah): Loofah XSS Vulnerability

CVE-2019-18409 (ruby_parser-legacy): ruby_parser-legacy world writable files allow local privilege escalation

CVE-2019-13117 (nokogiri): Nokogiri gem, via libxslt, is affected by multiple vulnerabilities

CVE-2019-18841 (chartkick): Prototype Pollution in Chartkick.js 3.1.x

CVE-2019-18848 (json-jwt): json-jwt improper input validation due to lack of element count when splitting string

CVE-2019-18978 (rack-cors): rack-cors directory traversal via path

CVE-2019-16770 (puma): Keepalive thread overload/DoS in puma

CVE-2019-16779 (excon): Race condition when using persistent connections

CVE-2019-16782 (rack): Possible information leak / session hijack vulnerability

2020

CVE-2020-5216 (secure_headers): secure_headers header injection due to newline

CVE-2020-5217 (secure_headers): secure_headers directive injection using semicolon

CVE-2020-7981 (geocoder): Geocoder gem for Ruby contains possible SQL injection vulnerability

CVE-2020-5241 (matestack-ui-core): matestack-ui-core is vulnerable to XSS/Script injection

CVE-2020-7595 (nokogiri): libxml2 2.9.10 has an infinite loop in a certain end-of-file situation

CVE-2019-10780 (bibtex-ruby): OS command injection in BibTeX-Ruby

CVE-2020-5247 (puma): HTTP Response Splitting vulnerability in puma

CVE-2020-5249 (puma): HTTP Response Splitting (Early Hints) in Puma

CVE-2020-5243 (user_agent_parser): Denial of Service in uap-core when processing crafted User-Agent strings

CVE-2020-36190 (rails_admin): rails_admin ruby gem XSS vulnerability

CVE-2020-5257 (administrate): Sort order SQL injection via `direction` parameter in administrate

CVE-2020-10663 (json): json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)

CVE-2020-5267 (actionview): Possible XSS vulnerability in ActionView

CVE-2015-4411 (bson): Potential denial of service in bson rubygem

CVE-2020-11020 (faye): Authentication and extension bypass in Faye

CVE-2020-11023 (jquery-rails): Potential XSS vulnerability in jQuery

CVE-2020-10187 (doorkeeper): Doorkeeper application secret information disclosure vulnerability

CVE-2020-8151 (activeresource): activeresource Gem for Ruby lib/active_resource/base.rb element_path Lack of Encoding

CVE-2020-8159 (actionpack-page_caching): Arbitrary file write/potential remote code execution in actionpack-page_caching

CVE-2020-11052 (sorcery): Improper Restriction of Excessive Authentication Attempts in Sorcery

CVE-2020-8161 (rack): Directory traversal in Rack::Directory app bundled with Rack

CVE-2020-8163 (actionview): Potential remote code execution of user-provided local names in ActionView

CVE-2020-8162 (activestorage): Circumvention of file size limits in ActiveStorage

CVE-2020-8164 (actionpack): Possible Strong Parameters Bypass in ActionPack

CVE-2020-8165 (activesupport): Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore

CVE-2020-8166 (actionpack): Ability to forge per-form CSRF tokens given a global CSRF token

CVE-2020-8167 (actionview): CSRF Vulnerability in rails-ujs

CVE-2020-11076 (puma): HTTP Smuggling via Transfer-Encoding Header in Puma

CVE-2020-11077 (puma): HTTP Smuggling via Transfer-Encoding Header in Puma

CVE-2020-11082 (kaminari): Cross-Site Scripting in Kaminari via `original_script_name` parameter

CVE-2020-7663 (websocket-extensions): Regular Expression Denial of Service in websocket-extensions (RubyGem)

CVE-2020-8184 (rack): Percent-encoded cookies can be used to overwrite existing prefixed cookie names

CVE-2020-4054 (sanitize): Cross-site scripting vulnerability via `` or `` element in Sanitize

CVE-2020-8185 (actionpack): Untrusted users able to run pending migrations in production

CVE-2020-14001 (kramdown): Unintended read access in kramdown gem

CVE-2020-15133 (faye-websocket): Missing TLS certificate verification in faye-websocket

CVE-2020-15134 (faye): Missing TLS certificate verification

CVE-2020-15109 (solidus_frontend): Ability to change order address without triggering address validations in solidus

CVE-2020-16252 (field_test): CSRF Vulnerability with Non-Session Based Authentication

CVE-2020-16253 (pghero): CSRF Vulnerability with Non-Session Based Authentication

CVE-2020-16254 (chartkick): CSS injection with width and height options

CVE-2020-15169 (actionview): Potential XSS vulnerability in Action View

CVE-2020-25739 (gon): Gon gem lack of escaping certain input when outputting as JSON

GHSA-vp9c-fpxx-744v (personnummer): Validation bypass vulnerability

CVE-2020-25613 (webrick): Potential HTTP Request Smuggling Vulnerability in WEBrick

CVE-2020-36327 (bundler): Dependency Confusion in Bundler with Implicit Private Dependencies

CVE-2020-15237 (shrine): Possible timing attack in derivation_endpoint

CVE-2020-8264 (actionpack): Possible XSS Vulnerability in Action Pack in Development Mode

CVE-2020-15269 (spree): Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls

CVE-2020-7670 (agoo): HTTP Request Smuggling in Agoo

CVE-2020-15240 (omniauth-auth0): Regression in JWT Signature Validation

CVE-2020-26222 (dependabot-omnibus): Remote code execution in dependabot-core branch names when cloning

CVE-2020-26223 (spree_api): Authorization bypass in Spree

CVE-2020-26254 (omniauth-apple): omniauth-apple allows attacker to fake their email address during authentication

CVE-2020-26247 (nokogiri): Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability

2021

CVE-2020-26298 (redcarpet): Injection/XSS in Redcarpet

CVE-2021-21289 (mechanize): Mechanize ruby gem Command Injection vulnerability

CVE-2021-21288 (carrierwave): Server-side request forgery in CarrierWave

CVE-2021-21305 (carrierwave): Code Injection vulnerability in CarrierWave::RMagick

CVE-2021-22880 (activerecord): Possible DoS Vulnerability in Active Record PostgreSQL adapter

CVE-2021-22881 (actionpack): Possible Open Redirect in Host Authorization Middleware

CVE-2019-25025 (activerecord-session_store): activerecord-session_store Timing Attack

CVE-2020-24392 (twitter-stream): Improper Certificate Validation in twitter-stream

CVE-2021-28834 (kramdown): Remote code execution in Kramdown

CVE-2021-28965 (rexml): XML round-trip vulnerability in REXML

CVE-2021-28966 (tmpdir): Path traversal in Tempfile on Windows

CVE-2020-24393 (tweetstream): Improper Certificate Validation in TweetStream

CVE-2020-7942 (puppet): Improper Certificate Validation in Puppet

CVE-2021-29435 (trestle-auth): Cross-Site Request Forgery (CSRF) in trestle-auth

CVE-2016-11086 (oauth): Improper Certificate Validation in oauth ruby gem

CVE-2021-31671 (pgsync): Connection security vulnerability with schema sync

CVE-2021-31799 (rdoc): RDoc OS command injection vulnerability

CVE-2021-22885 (actionpack): Possible Information Disclosure / Unintended Method Execution in Action Pack

CVE-2021-22902 (actionpack): Possible Denial of Service vulnerability in Action Dispatch

CVE-2021-22903 (actionpack): Possible Open Redirect Vulnerability in Action Pack

CVE-2021-22904 (actionpack): Possible DoS Vulnerability in Action Controller Token Authentication

CVE-2021-29509 (puma): Keepalive Connections Causing Denial Of Service in puma

GHSA-7rrm-v45f-jp64 (nokogiri): Update packaged dependency libxml2 from 2.9.10 to 2.9.12

CVE-2021-32823 (bindata): Potential Denial-of-Service in bindata

CVE-2020-13163 (em-imap): Improper certificate validation in em-imap

CVE-2020-13482 (em-http-request): Improper Certificate Validation in EM-HTTP-Request

CVE-2020-7659 (reel): HTTP Request Smuggling in reel

CVE-2020-7671 (goliath): HTTP Request Smuggling in goliath

CVE-2021-33564 (dragonfly): Remote code execution in Dragonfly

CVE-2021-20259 (foreman_fog_proxmox): Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox

CVE-2021-35514 (narou): Code injection in Narou

CVE-2021-32740 (addressable): Regular Expression Denial of Service in Addressable templates
