This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:ruby-lang:ruby:1.8.5

Detail
Vendor: Ruby-Lang
Product: Ruby
Version: 1.8.5
Type: Application
First view: 2007-10-01
Last view: 2017-09-19
Edition:
Language:
Update:

CPE Product: cpe:/a:ruby-lang:ruby

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Score | Date | Alert | Access Vector | Access Complexity | Authentication
9.3 | 2017-09-19 | CVE-2017-10784 | Network | Medium | None Requ...
5 | 2017-09-06 | CVE-2014-6438 | Network | Low | None Requ...
7.5 | 2017-08-31 | CVE-2017-14064 | Network | Low | None Requ...
4.3 | 2017-06-12 | CVE-2015-9096 | Network | Medium | None Requ...
5 | 2017-05-24 | CVE-2017-9229 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9228 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9227 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9226 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9225 | Network | Low | None Requ...
7.5 | 2017-05-24 | CVE-2017-9224 | Network | Low | None Requ...
4.6 | 2016-03-23 | CVE-2015-7551 | Local | Low | None Requ...
5 | 2014-11-21 | CVE-2014-8090 | Network | Low | None Requ...
5 | 2014-11-15 | CVE-2014-4975 | Network | Low | None Requ...
5 | 2014-11-03 | CVE-2014-8080 | Network | Low | None Requ...
5 | 2013-04-09 | CVE-2013-1821 | Network | Low | None Requ...
5 | 2012-11-28 | CVE-2012-5371 | Network | Low | None Requ...
7.8 | 2011-12-29 | CVE-2011-4815 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-3009 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2705 | Network | Low | None Requ...
5 | 2011-08-05 | CVE-2011-2686 | Network | Low | None Requ...
6.8 | 2011-03-22 | CVE-2011-0188 | Network | Medium | None Requ...
7.8 | 2008-12-08 | CVE-2008-4310 | Network | Low | None Requ...
5.8 | 2008-09-04 | CVE-2008-3905 | Network | Medium | None Requ...
5 | 2008-08-14 | CVE-2008-3443 | Network | Low | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
15% (5) | CWE-399 | Resource Management Errors
15% (5) | CWE-189 | Numeric Errors
15% (5) | CWE-20 | Improper Input Validation
12% (4) | CWE-287 | Improper Authentication
9% (3) | CWE-787 | Out-of-bounds Write
9% (3) | CWE-310 | Cryptographic Issues
6% (2) | CWE-125 | Out-of-bounds Read
6% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer
3% (1) | CWE-476 | NULL Pointer Dereference
3% (1) | CWE-264 | Permissions, Privileges, and Access Controls
3% (1) | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection')
3% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OvalID | Name
oval:org.mitre.oval:def:11602 | Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, an...
oval:org.mitre.oval:def:9646 | The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231...
oval:org.mitre.oval:def:17484 | USN-621-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:10738 | The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS...
oval:org.mitre.oval:def:9570 | The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 thro...
oval:org.mitre.oval:def:7525 | DSA-1695 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:13642 | DSA-1695-1 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:18657 | DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:18414 | DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:17689 | USN-596-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:11025 | The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) N...
oval:org.mitre.oval:def:21946 | ELSA-2007:0965: ruby security update (Moderate)
oval:org.mitre.oval:def:10250 | httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterpris...
oval:org.mitre.oval:def:22012 | ELSA-2008:0981: ruby security update (Moderate)
oval:org.mitre.oval:def:28686 | RHSA-2008:0981 -- ruby security update (Moderate)
oval:org.mitre.oval:def:10524 | Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and ear...
oval:org.mitre.oval:def:9793 | The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 thro...
oval:org.mitre.oval:def:28244 | USN-2412-1 -- Ruby vulnerability
oval:org.mitre.oval:def:28142 | RHSA-2014:1911 -- ruby security update (Moderate)
oval:org.mitre.oval:def:28027 | ELSA-2014-1911 -- ruby security update (moderate)
oval:org.mitre.oval:def:27935 | RHSA-2014:1912 -- ruby security update (Moderate)
oval:org.mitre.oval:def:28303 | ELSA-2014-1912 -- ruby security update (moderate)
oval:org.mitre.oval:def:20774 | RHSA-2013:0611: ruby security update (Moderate)
oval:org.mitre.oval:def:20593 | RHSA-2013:0612: ruby security update (Moderate)
oval:org.mitre.oval:def:17395 | USN-1780-1 -- Ruby vulnerability

Open Source Vulnerability Database (OSVDB)

id | Description
78118 | Ruby Hash Collision Form Parameter Parsing Remote DoS
74841 | Ruby Random Seed Reset Random Number Value Prediction Weakness
74647 | Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati...
71640 | Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution
47800 | Ruby Regexp Engine (regex.c) Crafted Socket Request DoS
47472 | Ruby dl Module DL.dlopen Arbitrary Library Access
47471 | WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS
47470 | Ruby Safe Level Multiple Function Restriction Bypass
47469 | Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
46554 | Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 | Ruby rb_ary_splice Function REALLOC_N Overflow
46552 | Ruby rb_str_format Function Unspecified Memory Corruption
46551 | Ruby rb_ary_store Function Multiple Overflows
46550 | Ruby rb_str_buf_append Function Multiple Overflows
44682 | WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access
40773 | Ruby Multiple Net Modules Certificate commonName (CN) Field Verification Weak...

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2012-11-26 | FreeBSD Ports: ruby | nvt/freebsd_ruby13.nasl
2012-11-19 | Fedora Update for ruby FEDORA-2012-18017 | nvt/gb_fedora_2012_18017_ruby_fc17.nasl
2012-10-16 | Fedora Update for ruby FEDORA-2012-15507 | nvt/gb_fedora_2012_15507_ruby_fc16.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0069 centos6 | nvt/gb_CESA-2012_0069_ruby_centos6.nasl
2012-07-30 | CentOS Update for irb CESA-2012:0070 centos4 | nvt/gb_CESA-2012_0070_irb_centos4.nasl
2012-07-30 | CentOS Update for ruby CESA-2012:0070 centos5 | nvt/gb_CESA-2012_0070_ruby_centos5.nasl
2012-07-30 | CentOS Update for irb CESA-2011:0908 centos4 x86_64 | nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl
2012-07-30 | CentOS Update for ruby CESA-2011:0909 centos5 x86_64 | nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl
2012-07-09 | RedHat Update for ruby RHSA-2011:1581-03 | nvt/gb_RHSA-2011_1581-03_ruby.nasl
2012-07-09 | RedHat Update for ruby RHSA-2012:0069-01 | nvt/gb_RHSA-2012_0069-01_ruby.nasl
2012-06-06 | RedHat Update for ruby RHSA-2011:0910-01 | nvt/gb_RHSA-2011_0910-01_ruby.nasl
2012-05-18 | Mac OS X Multiple Vulnerabilities (2012-002) | nvt/gb_macosx_su12-002.nasl
2012-04-02 | Fedora Update for ruby FEDORA-2011-17542 | nvt/gb_fedora_2011_17542_ruby_fc16.nasl
2012-03-07 | Ubuntu Update for ruby1.8 USN-1377-1 | nvt/gb_ubuntu_USN_1377_1.nasl
2012-03-07 | Mandriva Update for ruby MDVSA-2012:024 (ruby) | nvt/gb_mandriva_MDVSA_2012_024.nasl
2012-02-12 | FreeBSD Ports: jruby | nvt/freebsd_jruby.nasl
2012-02-01 | RedHat Update for ruby RHSA-2012:0070-01 | nvt/gb_RHSA-2012_0070-01_ruby.nasl
2012-01-13 | Fedora Update for ruby FEDORA-2011-17551 | nvt/gb_fedora_2011_17551_ruby_fc15.nasl
2011-08-29 | Ruby Random Number Generation Local Denial Of Service Vulnerability | nvt/secpod_ruby_random_number_generation_dos_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln.nasl
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln_01.nasl
2011-08-26 | Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) | nvt/secpod_macosx_su11-001.nasl
2011-08-18 | CentOS Update for irb CESA-2011:0908 centos4 i386 | nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl
2011-08-09 | CentOS Update for ruby CESA-2011:0909 centos5 i386 | nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl
2011-07-27 | Fedora Update for ruby FEDORA-2011-9359 | nvt/gb_fedora_2011_9359_ruby_fc15.nasl

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2017-07-18 | Oniguruma expression parser out of bounds write attempt | 43182 | FILE-OTHER | 1
2017-07-18 | Oniguruma expression parser out of bounds write attempt | 43181 | FILE-OTHER | 1
2014-03-15 | XML exponential entity expansion attack attempt | 29800 | FILE-OTHER | 3
2014-01-10 | XML exponential entity expansion attack attempt | 27096 | FILE-OTHER | 4

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2017-11-13 | The remote Debian host is missing a security-related update. | debian_DSA-4031.nasl | ACT_GATHER_INFO
2017-10-27 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2017-915.nasl | ACT_GATHER_INFO
2017-10-18 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201710-18.nasl | ACT_GATHER_INFO
2017-10-06 | The remote Ubuntu host is missing one or more security-related patches. | ubuntu_USN-3439-1.nasl | ACT_GATHER_INFO
2017-10-03 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2017-906.nasl | ACT_GATHER_INFO
2017-09-29 | The remote Fedora host is missing a security update. | fedora_2017-e314044789.nasl | ACT_GATHER_INFO
2017-09-27 | The remote Debian host is missing a security update. | debian_DLA-1113.nasl | ACT_GATHER_INFO
2017-09-27 | The remote Debian host is missing a security update. | debian_DLA-1114.nasl | ACT_GATHER_INFO
2017-09-20 | The remote Fedora host is missing a security update. | fedora_2017-e136d63c99.nasl | ACT_GATHER_INFO
2017-09-20 | The remote FreeBSD host is missing one or more security-related updates. | freebsd_pkg_95b013799d5211e7a25c471bafc3262f.nasl | ACT_GATHER_INFO
2017-09-19 | The remote Slackware host is missing a security update. | Slackware_SSA_2017-261-03.nasl | ACT_GATHER_INFO
2017-09-06 | The remote Debian host is missing a security-related update. | debian_DSA-3966.nasl | ACT_GATHER_INFO
2017-08-24 | The remote Fedora host is missing a security update. | fedora_2017-f318871e3b.nasl | ACT_GATHER_INFO
2017-08-18 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2017-871.nasl | ACT_GATHER_INFO
2017-08-11 | The remote Ubuntu host is missing one or more security-related patches. | ubuntu_USN-3382-1.nasl | ACT_GATHER_INFO
2017-08-04 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2017-867.nasl | ACT_GATHER_INFO
2017-07-26 | The remote Ubuntu host is missing one or more security-related patches. | ubuntu_USN-3365-1.nasl | ACT_GATHER_INFO
2017-07-21 | The remote Fedora host is missing a security update. | fedora_2017-5ade380ab2.nasl | ACT_GATHER_INFO
2017-07-19 | The remote Fedora host is missing a security update. | fedora_2017-b8bb4b86e2.nasl | ACT_GATHER_INFO
2017-07-17 | The remote Fedora host is missing a security update. | fedora_2017-ee01a2ced6.nasl | ACT_GATHER_INFO
2017-07-14 | The remote Fedora host is missing a security update. | fedora_2017-b674dc22ad.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_5_6_31.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_7_0_21.nasl | ACT_GATHER_INFO
2017-07-13 | The version of PHP running on the remote web server is affected by multiple v... | php_7_1_7.nasl | ACT_GATHER_INFO
2017-07-10 | The remote Slackware host is missing a security update. | Slackware_SSA_2017-188-01.nasl | ACT_GATHER_INFO