Summary
Detail | | | |
---|---|---|---|
Vendor | Ruby-Lang | First view | 2008-04-18 |
Product | Ruby | Last view | 2023-03-31 |
Version | 1.8.6.132 | Type | Application |
Update | * | | |
Edition | * | | |
Language | * | | |
Software Edition | * | | |
Target Software | * | | |
Target Hardware | * | | |
Other | * | | |
CPE Product | cpe:2.3:a:ruby-lang:ruby | | |
Activity : Overall
Related : CVE
Score | Date | Alert | Description |
---|---|---|---|
5.3 | 2023-03-31 | CVE-2023-28756 | A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. |
7.5 | 2023-02-09 | CVE-2023-22795 | A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. |
8.8 | 2022-11-18 | CVE-2021-33621 | The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. |
7.5 | 2022-05-09 | CVE-2022-28739 | There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. |
9.8 | 2022-05-09 | CVE-2022-28738 | A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. |
7.5 | 2022-01-01 | CVE-2021-41819 | CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. |
7.5 | 2022-01-01 | CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. |
7.4 | 2021-08-01 | CVE-2021-32066 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." |
7.5 | 2021-07-30 | CVE-2021-28966 | In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir. |
5.8 | 2021-07-13 | CVE-2021-31810 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). |
7.5 | 2021-04-21 | CVE-2021-28965 | The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. |
7.5 | 2020-10-06 | CVE-2020-25613 | An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. |
5.3 | 2020-05-04 | CVE-2020-10933 | An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. |
7.5 | 2020-04-28 | CVE-2020-10663 | The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. |
7.5 | 2020-02-28 | CVE-2020-5247 | In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or `\r`, `\n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters. |
5.9 | 2019-11-29 | CVE-2015-1855 | verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (2) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. |
8.1 | 2019-11-26 | CVE-2019-16255 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method. |
5.3 | 2019-11-26 | CVE-2019-16254 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF. |
7.5 | 2019-11-26 | CVE-2019-16201 | WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network. |
6.5 | 2019-11-26 | CVE-2019-15845 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. |
9.8 | 2019-11-26 | CVE-2011-4121 | The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt the integrity of services that depend on strong private RSA key generation. |
8.1 | 2018-11-16 | CVE-2018-16396 | An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats. |
9.8 | 2018-11-16 | CVE-2018-16395 | An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations. |
9.1 | 2018-04-03 | CVE-2018-8780 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check for NULL characters. When using the corresponding method, unintentional directory traversal may be performed. |
7.5 | 2018-04-03 | CVE-2018-8779 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods do not check for NULL characters, so a connection may be made to an unintended socket. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
16% (7) | CWE-20 | Improper Input Validation |
9% (4) | CWE-189 | Numeric Errors |
9% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
6% (3) | CWE-287 | Improper Authentication |
6% (3) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
4% (2) | CWE-399 | Resource Management Errors |
4% (2) | CWE-310 | Cryptographic Issues |
4% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
4% (2) | CWE-113 | Failure to Sanitize CRLF Sequences in HTTP Headers ('HTTP Response ... |
2% (1) | CWE-787 | Out-of-bounds Write |
2% (1) | CWE-755 | Improper Handling of Exceptional Conditions |
2% (1) | CWE-565 | Reliance on Cookies without Validation and Integrity Checking |
2% (1) | CWE-476 | NULL Pointer Dereference |
2% (1) | CWE-444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli... |
2% (1) | CWE-415 | Double Free |
2% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (1) | CWE-326 | Inadequate Encryption Strength |
2% (1) | CWE-190 | Integer Overflow or Wraparound |
2% (1) | CWE-134 | Uncontrolled Format String |
2% (1) | CWE-125 | Out-of-bounds Read |
2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (1) | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection') |
2% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78118 | Ruby Hash Collision Form Parameter Parsing Remote DoS |
74841 | Ruby Random Seed Reset Random Number Value Prediction Weakness |
74647 | Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati... |
71640 | Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution |
61774 | WEBrick HTTP Request Escape Sequence Terminal Command Injection |
47469 | Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning |
46554 | Ruby rb_ary_splice Function Overflow (beg + rlen) |
46553 | Ruby rb_ary_splice Function REALLOC_N Overflow |
46552 | Ruby rb_str_format Function Unspecified Memory Corruption |
46551 | Ruby rb_ary_store Function Multiple Overflows |
46550 | Ruby rb_str_buf_append Function Multiple Overflows |
44682 | WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access |
OpenVAS Exploits
Date | Name | File |
---|---|---|
2012-11-26 | FreeBSD Ports: ruby | nvt/freebsd_ruby13.nasl |
2012-11-19 | Fedora Update for ruby FEDORA-2012-18017 | nvt/gb_fedora_2012_18017_ruby_fc17.nasl |
2012-10-16 | Fedora Update for ruby FEDORA-2012-15507 | nvt/gb_fedora_2012_15507_ruby_fc16.nasl |
2012-07-30 | CentOS Update for ruby CESA-2012:0070 centos5 | nvt/gb_CESA-2012_0070_ruby_centos5.nasl |
2012-07-30 | CentOS Update for irb CESA-2012:0070 centos4 | nvt/gb_CESA-2012_0070_irb_centos4.nasl |
2012-07-30 | CentOS Update for ruby CESA-2012:0069 centos6 | nvt/gb_CESA-2012_0069_ruby_centos6.nasl |
2012-07-30 | CentOS Update for ruby CESA-2011:0909 centos5 x86_64 | nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl |
2012-07-30 | CentOS Update for irb CESA-2011:0908 centos4 x86_64 | nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl |
2012-07-09 | RedHat Update for ruby RHSA-2012:0069-01 | nvt/gb_RHSA-2012_0069-01_ruby.nasl |
2012-07-09 | RedHat Update for ruby RHSA-2011:1581-03 | nvt/gb_RHSA-2011_1581-03_ruby.nasl |
2012-06-06 | RedHat Update for ruby RHSA-2011:0910-01 | nvt/gb_RHSA-2011_0910-01_ruby.nasl |
2012-05-18 | Mac OS X Multiple Vulnerabilities (2012-002) | nvt/gb_macosx_su12-002.nasl |
2012-04-02 | Fedora Update for ruby FEDORA-2011-17542 | nvt/gb_fedora_2011_17542_ruby_fc16.nasl |
2012-03-07 | Ubuntu Update for ruby1.8 USN-1377-1 | nvt/gb_ubuntu_USN_1377_1.nasl |
2012-03-07 | Mandriva Update for ruby MDVSA-2012:024 (ruby) | nvt/gb_mandriva_MDVSA_2012_024.nasl |
2012-02-12 | FreeBSD Ports: jruby | nvt/freebsd_jruby.nasl |
2012-02-01 | RedHat Update for ruby RHSA-2012:0070-01 | nvt/gb_RHSA-2012_0070-01_ruby.nasl |
2012-01-13 | Fedora Update for ruby FEDORA-2011-17551 | nvt/gb_fedora_2011_17551_ruby_fc15.nasl |
2011-08-29 | Ruby Random Number Generation Local Denial Of Service Vulnerability | nvt/secpod_ruby_random_number_generation_dos_vuln.nasl |
2011-08-29 | Ruby Random Number Values Information Disclosure Vulnerability | nvt/secpod_ruby_random_number_values_info_disc_vuln_01.nasl |
2011-08-26 | Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) | nvt/secpod_macosx_su11-001.nasl |
2011-08-18 | CentOS Update for irb CESA-2011:0908 centos4 i386 | nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl |
2011-08-09 | CentOS Update for ruby CESA-2011:0909 centos5 i386 | nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl |
2011-07-27 | Fedora Update for ruby FEDORA-2011-9374 | nvt/gb_fedora_2011_9374_ruby_fc14.nasl |
2011-07-27 | Fedora Update for ruby FEDORA-2011-9359 | nvt/gb_fedora_2011_9359_ruby_fc15.nasl |
Snort® IPS/IDS
Date | Description | RuleID | Type | Revision |
---|---|---|---|---|
2018-06-26 | Ruby Net FTP library command injection attempt | 46791 | SERVER-WEBAPP | 2 |
2014-03-15 | XML exponential entity expansion attack attempt | 29800 | FILE-OTHER | 4 |
2014-01-10 | XML exponential entity expansion attack attempt | 27096 | FILE-OTHER | 5 |
Nessus® Vulnerability Scanner
Date | Name | File | Type |
---|---|---|---|
2019-01-10 | The remote Amazon Linux 2 host is missing a security update. | al2_ALAS-2019-1143.nasl | ACT_GATHER_INFO |
2019-01-03 | The remote Fedora host is missing a security update. | fedora_2018-319b9d0f68.nasl | ACT_GATHER_INFO |
2019-01-03 | The remote Fedora host is missing a security update. | fedora_2018-6070bcf454.nasl | ACT_GATHER_INFO |
2019-01-03 | The remote Fedora host is missing a security update. | fedora_2018-dd8162c004.nasl | ACT_GATHER_INFO |
2018-12-14 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2018-3738.nasl | ACT_GATHER_INFO |
2018-12-07 | The remote Amazon Linux AMI host is missing a security update. | ala_ALAS-2018-1113.nasl | ACT_GATHER_INFO |
2018-11-23 | The remote Fedora host is missing a security update. | fedora_2018-190ecd2ef8.nasl | ACT_GATHER_INFO |
2018-11-21 | The remote EulerOS Virtualization host is missing multiple security updates. | EulerOS_SA-2018-1374.nasl | ACT_GATHER_INFO |
2018-11-05 | The remote Debian host is missing a security-related update. | debian_DSA-4332.nasl | ACT_GATHER_INFO |
2018-10-31 | The remote host is missing a macOS or Mac OS X security update that fixes mul... | macosx_SecUpd2018-005.nasl | ACT_GATHER_INFO |
2018-10-29 | The remote Debian host is missing a security update. | debian_DLA-1558.nasl | ACT_GATHER_INFO |
2018-10-26 | The remote EulerOS Virtualization host is missing a security update. | EulerOS_SA-2018-1347.nasl | ACT_GATHER_INFO |
2018-10-22 | The remote FreeBSD host is missing one or more security-related updates. | freebsd_pkg_afc604840652440eb01a5ef814747f06.nasl | ACT_GATHER_INFO |
2018-09-18 | The remote EulerOS Virtualization host is missing multiple security updates. | EulerOS_SA-2018-1248.nasl | ACT_GATHER_INFO |
2018-09-18 | The remote EulerOS Virtualization host is missing multiple security updates. | EulerOS_SA-2018-1275.nasl | ACT_GATHER_INFO |
2018-08-17 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2017-0021.nasl | ACT_GATHER_INFO |
2018-08-17 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2017-0034.nasl | ACT_GATHER_INFO |
2018-08-17 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2018-1_0-0098-a.nasl | ACT_GATHER_INFO |
2018-08-17 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2018-1_0-0100.nasl | ACT_GATHER_INFO |
2018-08-02 | The remote Debian host is missing a security-related update. | debian_DSA-4259.nasl | ACT_GATHER_INFO |
2018-07-24 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2018-2_0-0011-a.nasl | ACT_GATHER_INFO |
2018-07-24 | The remote PhotonOS host is missing multiple security updates. | PhotonOS_PHSA-2018-2_0-0013.nasl | ACT_GATHER_INFO |
2018-07-17 | The remote host is missing a macOS update that fixes multiple security vulner... | macos_10_13_6.nasl | ACT_GATHER_INFO |
2018-07-17 | The remote host is missing a macOS or Mac OS X security update that fixes mul... | macosx_SecUpd2018-004.nasl | ACT_GATHER_INFO |
2018-07-16 | The remote Debian host is missing a security update. | debian_DLA-1421.nasl | ACT_GATHER_INFO |