This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:ruby-lang:ruby:1.8.5

Detail
Vendor: Ruby-Lang
First view: 2007-10-01
Product: Ruby
Last view: 2016-03-23
Version: 1.8.5
Type: Application
Edition:
Language:
Update:

CPE Product: cpe:/a:ruby-lang:ruby

Activity : Overall

Related : CVE

CVSS | Date | Alert | Access Vector | Access Complexity | Authentication
4.6 | 2016-03-23 | CVE-2015-7551 | Local | Low | None Requ...
5 | 2014-11-21 | CVE-2014-8090 | Network | Low | None Requ...
5 | 2014-11-03 | CVE-2014-8080 | Network | Low | None Requ...
5 | 2013-04-09 | CVE-2013-1821 | Network | Low | None Requ...
5 | 2012-11-28 | CVE-2012-5371 | Network | Low | None Requ...
7.8 | 2011-12-29 | CVE-2011-4815 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-3009 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2705 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2686 | Network | Low | None Requ...
6.8 | 2011-03-22 | CVE-2011-0188 | Network | Medium | None Requ...
7.8 | 2008-12-08 | CVE-2008-4310 | Network | Low | None Requ...
5.8 | 2008-09-04 | CVE-2008-3905 | Network | Medium | None Requ...
5 | 2008-08-14 | CVE-2008-3443 | Network | Low | None Requ...
7.5 | 2008-08-12 | CVE-2008-3657 | Network | Low | None Requ...
7.8 | 2008-08-12 | CVE-2008-3656 | Network | Low | None Requ...
7.5 | 2008-08-12 | CVE-2008-3655 | Network | Low | None Requ...
7.8 | 2008-06-24 | CVE-2008-2726 | Network | Low | None Requ...
7.8 | 2008-06-24 | CVE-2008-2725 | Network | Low | None Requ...
7.8 | 2008-06-24 | CVE-2008-2664 | Network | Low | None Requ...
10 | 2008-06-24 | CVE-2008-2663 | Network | Low | None Requ...
10 | 2008-06-24 | CVE-2008-2662 | Network | Low | None Requ...
5 | 2008-04-18 | CVE-2008-1891 | Network | Low | None Requ...
5 | 2007-11-13 | CVE-2007-5770 | Network | Low | None Requ...
4.3 | 2007-10-01 | CVE-2007-5162 | Network | Medium | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
22% (5) | CWE-189 | Numeric Errors
22% (5) | CWE-20 | Improper Input Validation
18% (4) | CWE-399 | Resource Management Errors
13% (3) | CWE-310 | Cryptographic Issues
13% (3) | CWE-287 | Improper Authentication
4% (1) | CWE-264 | Permissions, Privileges, and Access Controls
4% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OvalID | Name
oval:org.mitre.oval:def:11602 | Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, an...
oval:org.mitre.oval:def:9646 | The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231...
oval:org.mitre.oval:def:17484 | USN-621-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:10738 | The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS...
oval:org.mitre.oval:def:9570 | The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 thro...
oval:org.mitre.oval:def:7525 | DSA-1695 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:13642 | DSA-1695-1 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:18657 | DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:18414 | DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:17689 | USN-596-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:11025 | The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) N...
oval:org.mitre.oval:def:21946 | ELSA-2007:0965: ruby security update (Moderate)
oval:org.mitre.oval:def:10250 | httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterpris...
oval:org.mitre.oval:def:22012 | ELSA-2008:0981: ruby security update (Moderate)
oval:org.mitre.oval:def:28686 | RHSA-2008:0981 -- ruby security update (Moderate)
oval:org.mitre.oval:def:10524 | Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and ear...
oval:org.mitre.oval:def:9793 | The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 thro...
oval:org.mitre.oval:def:28244 | USN-2412-1 -- Ruby vulnerability
oval:org.mitre.oval:def:28142 | RHSA-2014:1911 -- ruby security update (Moderate)
oval:org.mitre.oval:def:28027 | ELSA-2014-1911 -- ruby security update (moderate)
oval:org.mitre.oval:def:27935 | RHSA-2014:1912 -- ruby security update (Moderate)
oval:org.mitre.oval:def:20774 | RHSA-2013:0611: ruby security update (Moderate)
oval:org.mitre.oval:def:20593 | RHSA-2013:0612: ruby security update (Moderate)
oval:org.mitre.oval:def:17395 | USN-1780-1 -- Ruby vulnerability
oval:org.mitre.oval:def:23823 | ELSA-2013:0612: ruby security update (Moderate)

Open Source Vulnerability Database (OSVDB)

id | Description
78118 | Ruby Hash Collision Form Parameter Parsing Remote DoS
74841 | Ruby Random Seed Reset Random Number Value Prediction Weakness
74647 | Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati...
71640 | Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution
47800 | Ruby Regexp Engine (regex.c) Crafted Socket Request DoS
47472 | Ruby dl Module DL.dlopen Arbitrary Library Access
47471 | WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS
47470 | Ruby Safe Level Multiple Function Restriction Bypass
47469 | Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
46554 | Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 | Ruby rb_ary_splice Function REALLOC_N Overflow
46552 | Ruby rb_str_format Function Unspecified Memory Corruption
46551 | Ruby rb_ary_store Function Multiple Overflows
46550 | Ruby rb_str_buf_append Function Multiple Overflows
44682 | WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access
40773 | Ruby Multiple Net Modules Certificate commonName (CN) Field Verification Weak...

Milw0rm Exploits

Date | Description
2008-08-13 | Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2012-11-26 | FreeBSD Ports: ruby | nvt/freebsd_ruby13.nasl
2012-11-19 | Fedora Update for ruby FEDORA-2012-18017 | nvt/gb_fedora_2012_18017_ruby_fc17.nasl
2012-10-16 | Fedora Update for ruby FEDORA-2012-15507 | nvt/gb_fedora_2012_15507_ruby_fc16.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0069 centos6 | nvt/gb_CESA-2012_0069_ruby_centos6.nasl
2012-07-30 | CentOS Update for irb CESA-2012:0070 centos4 | nvt/gb_CESA-2012_0070_irb_centos4.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0070 centos5 | nvt/gb_CESA-2012_0070_ruby_centos5.nasl
2012-07-30 | CentOS Update for irb CESA-2011:0908 centos4 x86_64 | nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl
2012-07-30 | CentOS Update for ruby CESA-2011:0909 centos5 x86_64 | nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl
2012-07-09 | RedHat Update for ruby RHSA-2011:1581-03 | nvt/gb_RHSA-2011_1581-03_ruby.nasl
2012-07-09 | RedHat Update for ruby RHSA-2012:0069-01 | nvt/gb_RHSA-2012_0069-01_ruby.nasl
2012-06-06 | RedHat Update for ruby RHSA-2011:0910-01 | nvt/gb_RHSA-2011_0910-01_ruby.nasl
2012-05-18 | Mac OS X Multiple Vulnerabilities (2012-002) | nvt/gb_macosx_su12-002.nasl
2012-04-02 | Fedora Update for ruby FEDORA-2011-17542 | nvt/gb_fedora_2011_17542_ruby_fc16.nasl
2012-03-07 | Ubuntu Update for ruby1.8 USN-1377-1 | nvt/gb_ubuntu_USN_1377_1.nasl
2012-03-07 | Mandriva Update for ruby MDVSA-2012:024 (ruby) | nvt/gb_mandriva_MDVSA_2012_024.nasl
2012-02-12 | FreeBSD Ports: jruby | nvt/freebsd_jruby.nasl
2012-02-01 | RedHat Update for ruby RHSA-2012:0070-01 | nvt/gb_RHSA-2012_0070-01_ruby.nasl
2012-01-13 | Fedora Update for ruby FEDORA-2011-17551 | nvt/gb_fedora_2011_17551_ruby_fc15.nasl
2011-08-29 | Ruby Random Number Generation Local Denial Of Service Vulnerability | nvt/secpod_ruby_random_number_generation_dos_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln_01.nasl
2011-08-26 | Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) | nvt/secpod_macosx_su11-001.nasl
2011-08-18 | CentOS Update for irb CESA-2011:0908 centos4 i386 | nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl
2011-08-09 | CentOS Update for ruby CESA-2011:0909 centos5 i386 | nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl
2011-07-27 | Fedora Update for ruby FEDORA-2011-9359 | nvt/gb_fedora_2011_9359_ruby_fc15.nasl

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2014-03-15 | XML exponential entity expansion attack attempt | 29800 | FILE-OTHER | 3
2014-01-10 | XML exponential entity expansion attack attempt | 27096 | FILE-OTHER | 4

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2016-03-22 | The remote Mac OS X host is affected by multiple vulnerabilities. | macosx_10_11_4.nasl | ACT_GATHER_INFO
2016-03-04 | The remote Fedora host is missing a security update. | fedora_2015-c4409eb73a.nasl | ACT_GATHER_INFO
2016-03-04 | The remote Fedora host is missing a security update. | fedora_2015-eef21b972e.nasl | ACT_GATHER_INFO
2016-01-19 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2016-632.nasl | ACT_GATHER_INFO
2015-12-29 | The remote FreeBSD host is missing one or more security-related updates. | freebsd_pkg_3b50881d18604721aab1503290e23f6c.nasl | ACT_GATHER_INFO
2015-10-05 | The remote host is missing a Mac OS X update that fixes multiple security vul... | macosx_10_11.nasl | ACT_GATHER_INFO
2015-07-02 | The remote Debian host is missing a security update. | debian_DLA-263.nasl | ACT_GATHER_INFO
2015-06-01 | The remote Debian host is missing a security update. | debian_DLA-235.nasl | ACT_GATHER_INFO
2015-04-16 | The remote Debian host is missing a security update. | debian_DLA-200.nasl | ACT_GATHER_INFO
2015-03-30 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2015-129.nasl | ACT_GATHER_INFO
2015-03-26 | The remote Debian host is missing a security update. | debian_DLA-88.nasl | ACT_GATHER_INFO
2015-02-11 | The remote Debian host is missing a security-related update. | debian_DSA-3159.nasl | ACT_GATHER_INFO
2015-02-10 | The remote Debian host is missing a security-related update. | debian_DSA-3157.nasl | ACT_GATHER_INFO
2015-01-27 | The remote SuSE 11 host is missing one or more security updates. | suse_11_ruby-141230.nasl | ACT_GATHER_INFO
2015-01-19 | The remote Solaris system is missing a security patch for third-party software. | solaris11_ruby_20120417.nasl | ACT_GATHER_INFO
2015-01-05 | The remote openSUSE host is missing a security update. | openSUSE-2015-1.nasl | ACT_GATHER_INFO
2015-01-05 | The remote openSUSE host is missing a security update. | openSUSE-2015-6.nasl | ACT_GATHER_INFO
2014-12-15 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201412-27.nasl | ACT_GATHER_INFO
2014-12-09 | The remote openSUSE host is missing a security update. | openSUSE-2014-758.nasl | ACT_GATHER_INFO
2014-12-02 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2014-1911.nasl | ACT_GATHER_INFO
2014-12-02 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2014-1912.nasl | ACT_GATHER_INFO
2014-12-02 | The remote Scientific Linux host is missing one or more security updates. | sl_20141126_ruby_on_SL6_x.nasl | ACT_GATHER_INFO
2014-12-02 | The remote Scientific Linux host is missing one or more security updates. | sl_20141126_ruby_on_SL7_x.nasl | ACT_GATHER_INFO
2014-11-27 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2014-1911.nasl | ACT_GATHER_INFO
2014-11-27 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2014-1912.nasl | ACT_GATHER_INFO