CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 4CVE-2014-2734
https://notcve.org/view.php?id=CVE-2014-2734
24 Apr 2014 — The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations. NOTE: this issue has been disputed by the Ruby OpenSSL team and third parties, who state that the original demonstration PoC contains errors and redundant or unnecessarily-complex code that does not appear to be ... • https://github.com/gdisneyleugers/CVE-2014-2734 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 6%CPEs: 7EXPL: 2CVE-2013-4164 – ruby: heap overflow in floating point parsing
https://notcve.org/view.php?id=CVE-2013-4164
23 Nov 2013 — Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse. Desbordamiento de buffer basado en memoria dinámica en Ruby 1.8, 1.9 anteriores a 1.9.3-p484, 2.0 anteriores a 2.0.0-p353, 2.1 ... • https://packetstorm.news/files/id/180519 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 1CVE-2013-2065 – Ubuntu Security Notice USN-2035-1
https://notcve.org/view.php?id=CVE-2013-2065
02 Nov 2013 — (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions. (1) DL y (2) Fiddle en Ruby 1.9 anterior a 1.9.3 patchlevel 426, y 2.0 anterior a 2.0.0 patchlevel 195, no se realizan la comprobación de corrupción de las funciones nativas, lo que permite a atacantes dependientes de contexto eludir el nivel de restricciones $SAFE. Charlie... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107064.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 71EXPL: 0CVE-2013-4363
https://notcve.org/view.php?id=CVE-2013-4363
17 Oct 2013 — Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. Vulnerabilidad en la complejidad algo... • http://blog.rubygems.org/2013/09/24/CVE-2013-4363.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-4287 – rubygems: version regex algorithmic complexity vulnerability
https://notcve.org/view.php?id=CVE-2013-4287
16 Oct 2013 — Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. Vulnerabilidad en la complejidad algorítmicade Gem :: Versión :: VERSION_PATTERN en lib / rubygems / version.rb... • http://blog.rubygems.org/2013/09/09/CVE-2013-4287.html • CWE-310: Cryptographic Issues CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 42EXPL: 0CVE-2013-4073 – ruby: hostname check bypassing vulnerability in SSL client
https://notcve.org/view.php?id=CVE-2013-4073
28 Jun 2013 — The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. La función OpenSSL::SSL.verify_certificate_identity en... • http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4481 – ruby: Incomplete fix for CVE-2011-1005 for NameError#to_s method when used on objects
https://notcve.org/view.php?id=CVE-2012-4481
02 May 2013 — The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. La funcionalidad safe-level de Ruby v1.8.7 permite a atacantes dependiendo del contexto modificar cadenas a través del método NameError#to_s mientras corren objetos Ruby. NOTA: este problema es debido a una corrección incompleta para CVE-2011-1005. The safe-level feature in Ruby 1.8.7 allows con... • http://rhn.redhat.com/errata/RHSA-2013-0129.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2012-4464 – 1.9.3: Possibility to bypass Ruby's $SAFE (level 4) semantics
https://notcve.org/view.php?id=CVE-2012-4464
25 Apr 2013 — Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression. Ruby v1.9.3 antes patchlevel 286 y v2.0 antes de la revisión r37068 permite a atacantes dependientes de contexto para evitar las restricciones de... • http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html • CWE-264: Permissions, Privileges, and Access Controls CWE-266: Incorrect Privilege Assignment •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2012-4466 – ruby: safe level bypass via name_err_mesg_to_str()
https://notcve.org/view.php?id=CVE-2012-4466
25 Apr 2013 — Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005. Ruby v1.8.7 antes de patchlevel 371, v1.9.3 antes patchlevel 286 y v2.0 antes de la revisión r37068 permite a atacantes dependientes de contexto evitar las restricciones de seguridad de nivel y mo... • http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html • CWE-264: Permissions, Privileges, and Access Controls CWE-266: Incorrect Privilege Assignment •
CVSS: 5.3EPSS: 10%CPEs: 14EXPL: 0CVE-2013-1821 – ruby: entity expansion DoS vulnerability in REXML
https://notcve.org/view.php?id=CVE-2013-1821
09 Apr 2013 — lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack. lib/rexml/text.rb en el analizador REXML en Ruby anterior a 1.9.3-p392, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria o caída de la aplicación) a través de nodos de texto manipulados en un documento XML. Aka como ataque XML Entity Expansion ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525 • CWE-20: Improper Input Validation •