CVSS: 7.5EPSS: 2%CPEs: 23EXPL: 0CVE-2014-4975 – ruby: off-by-one stack-based buffer overflow in the encodes() function
https://notcve.org/view.php?id=CVE-2014-4975
04 Nov 2014 — Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow. Error de superación de límite (off-by-one) en la función de codificación ubicada en pack.c en Ruby 1.9.3 y anteriores, y 2.x hasta 2.1.2, cuando se utilizan ciertos especificadores de formato de cadena, permite a atacantes de... • http://advisories.mageia.org/MGASA-2014-0472.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 5%CPEs: 31EXPL: 1CVE-2014-8080 – ruby: REXML billion laughs attack via parameter entity expansion
https://notcve.org/view.php?id=CVE-2014-8080
03 Nov 2014 — The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. El analizador REXML en Ruby 1.9.x anterior a 1.9.3-p550, 2.0.x anterior a 2.0.0-p594, y 2.1.x anterior a 2.1.4 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un documento XML manipulado, también conocido como un ataque de ... • http://advisories.mageia.org/MGASA-2014-0443.html • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 5.3EPSS: 8%CPEs: 14EXPL: 0CVE-2013-1821 – ruby: entity expansion DoS vulnerability in REXML
https://notcve.org/view.php?id=CVE-2013-1821
09 Apr 2013 — lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack. lib/rexml/text.rb en el analizador REXML en Ruby anterior a 1.9.3-p392, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria o caída de la aplicación) a través de nodos de texto manipulados en un documento XML. Aka como ataque XML Entity Expansion ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 9EXPL: 0CVE-2012-5371 – ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)
https://notcve.org/view.php?id=CVE-2012-5371
28 Nov 2012 — Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815. Ruby (también conocido como CRuby) v1.9 anteriore... • http://2012.appsec-forum.ch/conferences/#c17 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 10%CPEs: 5EXPL: 0CVE-2011-4815 – ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
https://notcve.org/view.php?id=CVE-2011-4815
30 Dec 2011 — Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. Ruby (también conocido como CRuby) anterior a v1.8.7-P357 calcula los valores de hash sin restringir la capacidad de desencadenar colisiones hash predecible, que permite a atacantes dependientes de contexto para causar una denegaci... • http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3009 – ruby: Properly initialize the random number generator when forking new process
https://notcve.org/view.php?id=CVE-2011-3009
05 Aug 2011 — Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. Ruby en versiones anteriores a la 1.8.6-p114 no resetea la semilla aleatoria después de la creacción de procesos ("forking"), lo que facilita a atacantes, dependiendo del contexto, predecir el valor de números aleatorios basándose... • http://redmine.ruby-lang.org/issues/show/4338 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 1%CPEs: 12EXPL: 0CVE-2011-2686
https://notcve.org/view.php?id=CVE-2011-2686
05 Aug 2011 — Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development. Ruby en versiones anteriores a la 1.8.7-p352 no resetea la semilla aleatoria después de la creacción de procesos ("forking"), lo que facilita a atacant... • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html • CWE-310: Cryptographic Issues •
CVSS: 7.4EPSS: 1%CPEs: 35EXPL: 0CVE-2011-2705 – ruby: Properly initialize the random number generator when forking new process
https://notcve.org/view.php?id=CVE-2011-2705
05 Aug 2011 — The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID. La función SecureRandom.random_bytes de lib/securerandom.rb de Ruby en versiones anteriores a 1.8.7-p352 y 1.9.x anteriores a 1.9.2-p290 se basa en valores PID para la inicializaci... • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 38EXPL: 0CVE-2011-0188 – ruby: memory corruption in BigDecimal on 64bit platforms
https://notcve.org/view.php?id=CVE-2011-0188
23 Mar 2011 — The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." La función VpMemAlloc en bigdecimal.c en la clase BigDecimal en Ruby v1.9.2-P1... • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 3%CPEs: 27EXPL: 1CVE-2008-3905 – ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module
https://notcve.org/view.php?id=CVE-2008-3905
04 Sep 2008 — resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. resolv.rb en Ruby 1.8.5 y versiones anteriores, 1.8.6 versiones anteriores a 1.8.6-p287, 1.8.7 versiones anteriores a 1.8.7-p72, y 1.9 r18423 y versiones anteriores utiliza transacciones secuenciales de IDs y p... • http://secunia.com/advisories/31430 • CWE-287: Improper Authentication •