Page 2 of 101 results (0.015 seconds)

CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. En RDoc versiones 3.11 hasta 6.x versiones anteriores a 6.3.1, como se distribuye con Ruby versiones hasta 3.0.1, es posible ejecutar código arbitrario por medio de | y etiquetas en un nombre de archivo An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc. • https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html https://security-tracker.debian.org/tracker/CVE-2021-31799 https://security.gentoo.org/glsa/202401-05 https://security.netapp.com/advisory/ntap-20210902-0004 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc https://access.redhat.com/security/cve/CVE-2021-31799 https://bugzilla.redhat.com/show_bug.cgi?id=1980132 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 5.8EPSS: 1%CPEs: 6EXPL: 1

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). Se ha detectado un problema en Ruby versiones hasta 2.6.7, versiones 2.7.x hasta 2.7.3, y versiones 3.x hasta 3.0.1. Un servidor FTP malicioso puede usar la respuesta PASV para engañar a la función Net::FTP para que se conecte de nuevo a una dirección IP y un puerto determinados. • https://hackerone.com/reports/1145454 https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL https://security.gentoo.org/glsa/202401-27 https://security.netapp.com/advisory/ntap-20210917-0001 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.ruby-lang.org/en/news/2021/07/07/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. El REXML gem versiones anteriores a 3.2.5 en Ruby versiones anteriores a 2.6.7, versiones 2.7.x anteriores a 2.7.3 y versiones 3.x anteriores a 3.0.1, no aborda apropiadamente los problemas round-trip de XML. Puede ser producido un documento incorrecto después de analizarlo y serializarlo A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using REXML and writing parsed data back to a new XML document results in creating a document with a different structure. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT https://security.netapp.com/advisory/ntap-20210528-0003 https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965 https://access.redhat.com/security/cve/CVE-2021-28965 https://bugzilla.redhat.com/show_bug.cgi?id=1947526 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. Se detectó un problema en Ruby versiones hasta 2.5.8, versiones 2.6.x hasta 2.6.6 y versiones 2.7.x hasta 2.7.1. WEBrick, un simple servidor HTTP integrado con Ruby, no había comprobado rigurosamente el valor del encabezado transfer-encoding. • https://github.com/metapox/CVE-2020-25613 https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7 https://hackerone.com/reports/965267 https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV https://security.gentoo.org/glsa/202401-27 https://sec • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. Se descubrió un problema en Ruby versiones 2.5.x hasta 2.5.7, versiones 2.6.x hasta 2.6.5, y versión 2.7.0. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5 https://security.netapp.com/advisory/ntap-20200625-0001 https://www.debian.org/security/2020/dsa-4721 https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933 https://access.redhat.com/security/cve/CVE-2020-10933 https://bugzilla.redhat.com/show_bug.cgi?id=1833291 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •