Page 4 of 103 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-15845 – ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?

https://notcve.org/view.php?id=CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. Ruby versiones hasta 2.4.7, versiones 2.5.x hasta 2.5.6 y versiones 2.6.x hasta 2.6.4, maneja inapropiadamente la comprobación de ruta dentro de las funciones File.fnmatch. A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html https://hackerone.com/reports/449617 https://lists.debian.org/debian-lts-announce/2019/11/msg00025.html https://seclists.org/bugtraq/2019/Dec/31 https://seclists.org/bugtraq/2019/Dec/32 https://security.gentoo.org/glsa/202003-06 https://usn.ubuntu.com/4201-1 https://www.debian.org/security/2019/dsa-4587 https://www.oracle.com/security-alerts/cpujan2020.html https://access.redhat.com/security/cve • CWE-41: Improper Resolution of Path Equivalence •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2011-4121

https://notcve.org/view.php?id=CVE-2011-4121

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism. La extensión OpenSSL de Ruby (Git trunk) versiones posteriores al 01-09-2011 hasta el 03-11-2011, siempre generó un valor de exponente de "1" para ser usado para la generación de claves RSA privadas. Un atacante remoto podría usar este fallo para omitir o dañar la integridad de los servicios, dependiendo de un mecanismo de generación de claves RSA privadas fuerte. • http://www.openwall.com/lists/oss-security/2013/07/01/1 https://access.redhat.com/security/cve/cve-2011-4121 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4121 https://security-tracker.debian.org/tracker/CVE-2011-4121 • CWE-326: Inadequate Encryption Strength •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2011-3624

https://notcve.org/view.php?id=CVE-2011-3624

Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header. Varios métodos en WEBrick::HTTPRequest en Ruby versiones 1.9.2 y versiones 1.8.7 y anteriores, no comprueban los encabezados X-Fordered-For, X-Fordered-Host y X-Fordered-Server en las peticiones, lo que podría permitir a los atacantes remotos inyectar texto arbitrario en archivos de registro o omitir el análisis de direcciones previsto por medio de un encabezado diseñado. • https://access.redhat.com/security/cve/cve-2011-3624 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624 https://redmine.ruby-lang.org/issues/5418 https://security-tracker.debian.org/tracker/CVE-2011-3624 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-16201 – ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication

https://notcve.org/view.php?id=CVE-2019-16201

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network. La función WEBrick::HTTPAuth::DigestAuth en Ruby versiones hasta la versión 2.4.7, versiones 2.5.x hasta 2.5.6 y versiones 2.6.x hasta 2.6.4, tiene una expresión regular de denegación de servicio causada mediante looping/backtracking. Una víctima debe exponer un servidor WEBrick que usa DigestAuth en Internet o una red no segura. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html https://hackerone.com/reports/661722 https://lists.debian.org/debian-lts-announce/2019/11/msg00025.html https://lists.debian.org/debian-lts-announce/2019/12/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html https://seclists.org/bugtraq/2019/Dec/31 https://seclists.org/bugtraq/2019/Dec/32 https://security • CWE-287: Improper Authentication CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.3EPSS: 1%CPEs: 5EXPL: 0

CVE-2019-16254 – ruby: HTTP response splitting in WEBrick

https://notcve.org/view.php?id=CVE-2019-16254

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF. Ruby versiones hasta 2.4.7, versiones 2.5.x hasta 2.5.6 y versiones 2.6.x hasta 2.6.4, permite HTTP Response Splitting. Si un programa que utiliza WEBrick inserta información no segura en el encabezado de respuesta, un atacante puede explotarlo para insertar un carácter newline para dividir un encabezado e inyectar contenido malicioso para engañar a los clientes. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html https://hackerone.com/reports/331984 https://lists.debian.org/debian-lts-announce/2019/11/msg00025.html https://lists.debian.org/debian-lts-announce/2019/12/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html https://seclists.org/bugtraq/2019/Dec/31 https://seclists.org/bugtraq/2019/Dec/32 https://security • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •