This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:ruby-lang:ruby:1.8.5
Detail
Vendor: Ruby-Lang
Product: Ruby
Version: 1.8.5
Type: Application
First view: 2007-10-01
Last view: 2017-06-12
Edition:
Language:
Update:

CPE Product: cpe:/a:ruby-lang:ruby

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Score | Date | Alert | Access Vector | Access Complexity | Authentication
4.3 | 2017-06-12 | CVE-2015-9096 | Network | Medium | None Requ...
5 | 2017-05-24 | CVE-2017-9229 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9228 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9227 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9226 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9225 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9224 | Network | Low | None Requ...
4.6 | 2016-03-23 | CVE-2015-7551 | Local | Low | None Requ...
5 | 2014-11-21 | CVE-2014-8090 | Network | Low | None Requ...
5 | 2014-11-15 | CVE-2014-4975 | Network | Low | None Requ...
5 | 2014-11-03 | CVE-2014-8080 | Network | Low | None Requ...
5 | 2013-04-09 | CVE-2013-1821 | Network | Low | None Requ...
5 | 2012-11-28 | CVE-2012-5371 | Network | Low | None Requ...
7.8 | 2011-12-29 | CVE-2011-4815 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-3009 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2705 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2686 | Network | Low | None Requ...
6.8 | 2011-03-22 | CVE-2011-0188 | Network | Medium | None Requ...
7.8 | 2008-12-08 | CVE-2008-4310 | Network | Low | None Requ...
5.8 | 2008-09-04 | CVE-2008-3905 | Network | Medium | None Requ...
5 | 2008-08-14 | CVE-2008-3443 | Network | Low | None Requ...
7.5 | 2008-08-12 | CVE-2008-3657 | Network | Low | None Requ...
7.8 | 2008-08-12 | CVE-2008-3656 | Network | Low | None Requ...
7.5 | 2008-08-12 | CVE-2008-3655 | Network | Low | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
16% (5) | CWE-189 | Numeric Errors
16% (5) | CWE-20 | Improper Input Validation
13% (4) | CWE-399 | Resource Management Errors
10% (3) | CWE-787 | Out-of-bounds Write
10% (3) | CWE-310 | Cryptographic Issues
10% (3) | CWE-287 | Improper Authentication
6% (2) | CWE-125 | Out-of-bounds Read
3% (1) | CWE-476 | NULL Pointer Dereference
3% (1) | CWE-264 | Permissions, Privileges, and Access Controls
3% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer
3% (1) | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection')
3% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OVAL ID | Name
oval:org.mitre.oval:def:11602 | Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, an...
oval:org.mitre.oval:def:9646 | The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231...
oval:org.mitre.oval:def:17484 | USN-621-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:10738 | The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS...
oval:org.mitre.oval:def:9570 | The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 thro...
oval:org.mitre.oval:def:7525 | DSA-1695 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:13642 | DSA-1695-1 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:18657 | DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:18414 | DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:17689 | USN-596-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:11025 | The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) N...
oval:org.mitre.oval:def:21946 | ELSA-2007:0965: ruby security update (Moderate)
oval:org.mitre.oval:def:10250 | httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterpris...
oval:org.mitre.oval:def:22012 | ELSA-2008:0981: ruby security update (Moderate)
oval:org.mitre.oval:def:28686 | RHSA-2008:0981 -- ruby security update (Moderate)
oval:org.mitre.oval:def:10524 | Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and ear...
oval:org.mitre.oval:def:9793 | The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 thro...
oval:org.mitre.oval:def:28244 | USN-2412-1 -- Ruby vulnerability
oval:org.mitre.oval:def:28142 | RHSA-2014:1911 -- ruby security update (Moderate)
oval:org.mitre.oval:def:28027 | ELSA-2014-1911 -- ruby security update (moderate)
oval:org.mitre.oval:def:27935 | RHSA-2014:1912 -- ruby security update (Moderate)
oval:org.mitre.oval:def:28303 | ELSA-2014-1912 -- ruby security update (moderate)
oval:org.mitre.oval:def:20774 | RHSA-2013:0611: ruby security update (Moderate)
oval:org.mitre.oval:def:20593 | RHSA-2013:0612: ruby security update (Moderate)
oval:org.mitre.oval:def:17395 | USN-1780-1 -- Ruby vulnerability

Open Source Vulnerability Database (OSVDB)

id | Description
78118 | Ruby Hash Collision Form Parameter Parsing Remote DoS
74841 | Ruby Random Seed Reset Random Number Value Prediction Weakness
74647 | Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati...
71640 | Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution
47800 | Ruby Regexp Engine (regex.c) Crafted Socket Request DoS
47472 | Ruby dl Module DL.dlopen Arbitrary Library Access
47471 | WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS
47470 | Ruby Safe Level Multiple Function Restriction Bypass
47469 | Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
46554 | Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 | Ruby rb_ary_splice Function REALLOC_N Overflow
46552 | Ruby rb_str_format Function Unspecified Memory Corruption
46551 | Ruby rb_ary_store Function Multiple Overflows
46550 | Ruby rb_str_buf_append Function Multiple Overflows
44682 | WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access
40773 | Ruby Multiple Net Modules Certificate commonName (CN) Field Verification Weak...

Milw0rm Exploits

Date | Description
2008-08-13 | Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2012-11-26 | FreeBSD Ports: ruby | nvt/freebsd_ruby13.nasl
2012-11-19 | Fedora Update for ruby FEDORA-2012-18017 | nvt/gb_fedora_2012_18017_ruby_fc17.nasl
2012-10-16 | Fedora Update for ruby FEDORA-2012-15507 | nvt/gb_fedora_2012_15507_ruby_fc16.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0069 centos6 | nvt/gb_CESA-2012_0069_ruby_centos6.nasl
2012-07-30 | CentOS Update for irb CESA-2012:0070 centos4 | nvt/gb_CESA-2012_0070_irb_centos4.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0070 centos5 | nvt/gb_CESA-2012_0070_ruby_centos5.nasl
2012-07-30 | CentOS Update for irb CESA-2011:0908 centos4 x86_64 | nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl
2012-07-30 | CentOS Update for ruby CESA-2011:0909 centos5 x86_64 | nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl
2012-07-09 | RedHat Update for ruby RHSA-2011:1581-03 | nvt/gb_RHSA-2011_1581-03_ruby.nasl
2012-07-09 | RedHat Update for ruby RHSA-2012:0069-01 | nvt/gb_RHSA-2012_0069-01_ruby.nasl
2012-06-06 | RedHat Update for ruby RHSA-2011:0910-01 | nvt/gb_RHSA-2011_0910-01_ruby.nasl
2012-05-18 | Mac OS X Multiple Vulnerabilities (2012-002) | nvt/gb_macosx_su12-002.nasl
2012-04-02 | Fedora Update for ruby FEDORA-2011-17542 | nvt/gb_fedora_2011_17542_ruby_fc16.nasl
2012-03-07 | Ubuntu Update for ruby1.8 USN-1377-1 | nvt/gb_ubuntu_USN_1377_1.nasl
2012-03-07 | Mandriva Update for ruby MDVSA-2012:024 (ruby) | nvt/gb_mandriva_MDVSA_2012_024.nasl
2012-02-12 | FreeBSD Ports: jruby | nvt/freebsd_jruby.nasl
2012-02-01 | RedHat Update for ruby RHSA-2012:0070-01 | nvt/gb_RHSA-2012_0070-01_ruby.nasl
2012-01-13 | Fedora Update for ruby FEDORA-2011-17551 | nvt/gb_fedora_2011_17551_ruby_fc15.nasl
2011-08-29 | Ruby Random Number Generation Local Denial Of Service Vulnerability | nvt/secpod_ruby_random_number_generation_dos_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln_01.nasl
2011-08-26 | Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) | nvt/secpod_macosx_su11-001.nasl
2011-08-18 | CentOS Update for irb CESA-2011:0908 centos4 i386 | nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl
2011-08-09 | CentOS Update for ruby CESA-2011:0909 centos5 i386 | nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl
2011-07-27 | Fedora Update for ruby FEDORA-2011-9359 | nvt/gb_fedora_2011_9359_ruby_fc15.nasl

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2017-07-18 | Oniguruma expression parser out of bounds write attempt | 43182 | FILE-OTHER | 1
2017-07-18 | Oniguruma expression parser out of bounds write attempt | 43181 | FILE-OTHER | 1
2014-03-15 | XML exponential entity expansion attack attempt | 29800 | FILE-OTHER | 3
2014-01-10 | XML exponential entity expansion attack attempt | 27096 | FILE-OTHER | 4

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2017-07-19 | The remote Fedora host is missing a security update. | fedora_2017-b8bb4b86e2.nasl | ACT_GATHER_INFO
2017-07-17 | The remote Fedora host is missing a security update. | fedora_2017-ee01a2ced6.nasl | ACT_GATHER_INFO
2017-07-14 | The remote Fedora host is missing a security update. | fedora_2017-b674dc22ad.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_5_6_31.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_7_0_21.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_7_1_7.nasl | ACT_GATHER_INFO
2017-07-10 | The remote FreeBSD host is missing one or more security-related updates. | freebsd_pkg_b396cf6c62e611e79defb499baebfeaf.nasl | ACT_GATHER_INFO
2017-07-07 | The remote openSUSE host is missing a security update. | openSUSE-2017-790.nasl | ACT_GATHER_INFO
2017-07-05 | The remote openSUSE host is missing a security update. | openSUSE-2017-764.nasl | ACT_GATHER_INFO
2017-06-19 | The remote SUSE host is missing one or more security updates. | suse_SU-2017-1585-1.nasl | ACT_GATHER_INFO
2017-06-13 | The remote Fedora host is missing a security update. | fedora_2017-e2d6d0067f.nasl | ACT_GATHER_INFO
2017-06-12 | The remote Fedora host is missing a security update. | fedora_2017-60997f0d14.nasl | ACT_GATHER_INFO
2017-05-30 | The remote Debian host is missing a security update. | debian_DLA-958.nasl | ACT_GATHER_INFO
2017-05-01 | The remote openSUSE host is missing a security update. | openSUSE-2017-527.nasl | ACT_GATHER_INFO
2017-04-21 | The remote SUSE host is missing one or more security updates. | suse_SU-2017-1067-1.nasl | ACT_GATHER_INFO
2017-04-07 | The remote SUSE host is missing one or more security updates. | suse_SU-2017-0948-1.nasl | ACT_GATHER_INFO
2017-04-06 | The remote openSUSE host is missing a security update. | openSUSE-2017-435.nasl | ACT_GATHER_INFO
2016-03-22 | The remote Mac OS X host is affected by multiple vulnerabilities. | macosx_10_11_4.nasl | ACT_GATHER_INFO
2016-03-04 | The remote Fedora host is missing a security update. | fedora_2015-c4409eb73a.nasl | ACT_GATHER_INFO
2016-03-04 | The remote Fedora host is missing a security update. | fedora_2015-eef21b972e.nasl | ACT_GATHER_INFO
2016-01-19 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2016-632.nasl | ACT_GATHER_INFO
2015-12-29 | The remote FreeBSD host is missing one or more security-related updates. | freebsd_pkg_3b50881d18604721aab1503290e23f6c.nasl | ACT_GATHER_INFO
2015-10-05 | The remote host is missing a Mac OS X update that fixes multiple security vul... | macosx_10_11.nasl | ACT_GATHER_INFO
2015-07-02 | The remote Debian host is missing a security update. | debian_DLA-263.nasl | ACT_GATHER_INFO
2015-06-01 | The remote Debian host is missing a security update. | debian_DLA-235.nasl | ACT_GATHER_INFO