This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ruby-Lang First view 2008-04-18
Product Ruby Last view 2023-03-31
Version 1.8.6.132 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:ruby-lang:ruby

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.3 2023-03-31 CVE-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

7.5 2023-02-09 CVE-2023-22795

A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.

8.8 2022-11-18 CVE-2021-33621

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.

7.5 2022-05-09 CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

9.8 2022-05-09 CVE-2022-28738

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.

7.5 2022-01-01 CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5 2022-01-01 CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.4 2021-08-01 CVE-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

7.5 2021-07-30 CVE-2021-28966

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.

5.8 2021-07-13 CVE-2021-31810

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).

7.5 2021-04-21 CVE-2021-28965

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.

7.5 2020-10-06 CVE-2020-25613

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.

5.3 2020-05-04 CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.

7.5 2020-04-28 CVE-2020-10663

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

7.5 2020-02-28 CVE-2020-5247

In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.

5.9 2019-11-29 CVE-2015-1855

verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.

8.1 2019-11-26 CVE-2019-16255

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.

5.3 2019-11-26 CVE-2019-16254

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.

7.5 2019-11-26 CVE-2019-16201

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.

6.5 2019-11-26 CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

9.8 2019-11-26 CVE-2011-4121

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.

8.1 2018-11-16 CVE-2018-16396

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

9.8 2018-11-16 CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

9.1 2018-04-03 CVE-2018-8780

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed.

7.5 2018-04-03 CVE-2018-8779

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket.

CWE : Common Weakness Enumeration

%idName
16% (7) CWE-20 Improper Input Validation
9% (4) CWE-189 Numeric Errors
9% (4) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
6% (3) CWE-287 Improper Authentication
6% (3) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
4% (2) CWE-399 Resource Management Errors
4% (2) CWE-310 Cryptographic Issues
4% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (2) CWE-113 Failure to Sanitize CRLF Sequences in HTTP Headers ('HTTP Response ...
2% (1) CWE-787 Out-of-bounds Write
2% (1) CWE-755 Improper Handling of Exceptional Conditions
2% (1) CWE-565 Reliance on Cookies without Validation and Integrity Checking
2% (1) CWE-476 NULL Pointer Dereference
2% (1) CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli...
2% (1) CWE-415 Double Free
2% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1) CWE-326 Inadequate Encryption Strength
2% (1) CWE-190 Integer Overflow or Wraparound
2% (1) CWE-134 Uncontrolled Format String
2% (1) CWE-125 Out-of-bounds Read
2% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (1) CWE-93 Failure to Sanitize CRLF Sequences ('CRLF Injection')
2% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Open Source Vulnerability Database (OSVDB)

id Description
78118 Ruby Hash Collission Form Parameter Parsing Remote DoS
74841 Ruby Random Seed Reset Random Number Value Prediction Weakness
74647 Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati...
71640 Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution
61774 WEBrick HTTP Request Escape Sequence Terminal Command Injection
47469 Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
46554 Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 Ruby rb_ary_splice Function REALLOC_N Overflow
46552 Ruby rb_str_format Function Unspecified Memory Corruption
46551 Ruby rb_ary_store Function Multiple Overflows
46550 Ruby rb_str_buf_append Function Multiple Overflows
44682 WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-11-26 Name : FreeBSD Ports: ruby
File : nvt/freebsd_ruby13.nasl
2012-11-19 Name : Fedora Update for ruby FEDORA-2012-18017
File : nvt/gb_fedora_2012_18017_ruby_fc17.nasl
2012-10-16 Name : Fedora Update for ruby FEDORA-2012-15507
File : nvt/gb_fedora_2012_15507_ruby_fc16.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2012:0070 centos5
File : nvt/gb_CESA-2012_0070_ruby_centos5.nasl
2012-07-30 Name : CentOS Update for irb CESA-2012:0070 centos4
File : nvt/gb_CESA-2012_0070_irb_centos4.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2012:0069 centos6
File : nvt/gb_CESA-2012_0069_ruby_centos6.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2011:0909 centos5 x86_64
File : nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for irb CESA-2011:0908 centos4 x86_64
File : nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl
2012-07-09 Name : RedHat Update for ruby RHSA-2012:0069-01
File : nvt/gb_RHSA-2012_0069-01_ruby.nasl
2012-07-09 Name : RedHat Update for ruby RHSA-2011:1581-03
File : nvt/gb_RHSA-2011_1581-03_ruby.nasl
2012-06-06 Name : RedHat Update for ruby RHSA-2011:0910-01
File : nvt/gb_RHSA-2011_0910-01_ruby.nasl
2012-05-18 Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-04-02 Name : Fedora Update for ruby FEDORA-2011-17542
File : nvt/gb_fedora_2011_17542_ruby_fc16.nasl
2012-03-07 Name : Ubuntu Update for ruby1.8 USN-1377-1
File : nvt/gb_ubuntu_USN_1377_1.nasl
2012-03-07 Name : Mandriva Update for ruby MDVSA-2012:024 (ruby)
File : nvt/gb_mandriva_MDVSA_2012_024.nasl
2012-02-12 Name : FreeBSD Ports: jruby
File : nvt/freebsd_jruby.nasl
2012-02-01 Name : RedHat Update for ruby RHSA-2012:0070-01
File : nvt/gb_RHSA-2012_0070-01_ruby.nasl
2012-01-13 Name : Fedora Update for ruby FEDORA-2011-17551
File : nvt/gb_fedora_2011_17551_ruby_fc15.nasl
2011-08-29 Name : Ruby Random Number Generation Local Denial Of Service Vulnerability
File : nvt/secpod_ruby_random_number_generation_dos_vuln.nasl
2011-08-29 Name : Ruby Random Number Values Information Disclosure Vulnerability
File : nvt/secpod_ruby_random_number_values_info_disc_vuln_01.nasl
2011-08-26 Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-18 Name : CentOS Update for irb CESA-2011:0908 centos4 i386
File : nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl
2011-08-09 Name : CentOS Update for ruby CESA-2011:0909 centos5 i386
File : nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl
2011-07-27 Name : Fedora Update for ruby FEDORA-2011-9374
File : nvt/gb_fedora_2011_9374_ruby_fc14.nasl
2011-07-27 Name : Fedora Update for ruby FEDORA-2011-9359
File : nvt/gb_fedora_2011_9359_ruby_fc15.nasl

Snort® IPS/IDS

Date Description
2018-06-26 Ruby Net FTP library command injection attempt
RuleID : 46791 - Type : SERVER-WEBAPP - Revision : 2
2014-03-15 XML exponential entity expansion attack attempt
RuleID : 29800 - Type : FILE-OTHER - Revision : 4
2014-01-10 XML exponential entity expansion attack attempt
RuleID : 27096 - Type : FILE-OTHER - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-6070bcf454.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-dd8162c004.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3738.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1113.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Fedora host is missing a security update.
File: fedora_2018-190ecd2ef8.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1374.nasl - Type: ACT_GATHER_INFO
2018-11-05 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4332.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-005.nasl - Type: ACT_GATHER_INFO
2018-10-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1558.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1347.nasl - Type: ACT_GATHER_INFO
2018-10-22 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_afc604840652440eb01a5ef814747f06.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1248.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1275.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0034.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0098-a.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0100.nasl - Type: ACT_GATHER_INFO
2018-08-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4259.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0011-a.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0013.nasl - Type: ACT_GATHER_INFO
2018-07-17 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_13_6.nasl - Type: ACT_GATHER_INFO
2018-07-17 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-004.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote Debian host is missing a security update.
File: debian_DLA-1421.nasl - Type: ACT_GATHER_INFO