CVSS: 7.5EPSS: 14%CPEs: 26EXPL: 1CVE-2014-8090 – ruby: REXML incomplete fix for CVE-2014-8080
https://notcve.org/view.php?id=CVE-2014-8090
20 Nov 2014 — The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080. El analizador REXML en Ruby 1.9.x anterior a 1.9.... • http://advisories.mageia.org/MGASA-2014-0472.html • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.5EPSS: 2%CPEs: 23EXPL: 0CVE-2014-4975 – ruby: off-by-one stack-based buffer overflow in the encodes() function
https://notcve.org/view.php?id=CVE-2014-4975
04 Nov 2014 — Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow. Error de superación de límite (off-by-one) en la función de codificación ubicada en pack.c en Ruby 1.9.3 y anteriores, y 2.x hasta 2.1.2, cuando se utilizan ciertos especificadores de formato de cadena, permite a atacantes de... • http://advisories.mageia.org/MGASA-2014-0472.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 14%CPEs: 31EXPL: 1CVE-2014-8080 – ruby: REXML billion laughs attack via parameter entity expansion
https://notcve.org/view.php?id=CVE-2014-8080
03 Nov 2014 — The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. El analizador REXML en Ruby 1.9.x anterior a 1.9.3-p550, 2.0.x anterior a 2.0.0-p594, y 2.1.x anterior a 2.1.4 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un documento XML manipulado, también conocido como un ataque de ... • http://advisories.mageia.org/MGASA-2014-0443.html • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.5EPSS: 6%CPEs: 12EXPL: 4CVE-2014-2734
https://notcve.org/view.php?id=CVE-2014-2734
24 Apr 2014 — The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations. NOTE: this issue has been disputed by the Ruby OpenSSL team and third parties, who state that the original demonstration PoC contains errors and redundant or unnecessarily-complex code that does not appear to be ... • https://github.com/gdisneyleugers/CVE-2014-2734 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2013-4413
https://notcve.org/view.php?id=CVE-2013-4413
11 Mar 2014 — Directory traversal vulnerability in controller/concerns/render_redirect.rb in the Wicked gem before 1.0.1 for Ruby allows remote attackers to read arbitrary files via a %2E%2E%2F (encoded dot dot slash) in the step. Vulnerabilidad de salto de directorio en controller/concerns/render_redirect.rb en la gema Wicked anterior a 1.0.1 para Ruby permite a atacantes remotos leer archivos arbitrarios a través de un %2E%2E%2F (punto punto barra codificado) en el paso. • http://seclists.org/oss-sec/2013/q4/43 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 11%CPEs: 7EXPL: 2CVE-2013-4164 – ruby: heap overflow in floating point parsing
https://notcve.org/view.php?id=CVE-2013-4164
23 Nov 2013 — Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse. Desbordamiento de buffer basado en memoria dinámica en Ruby 1.8, 1.9 anteriores a 1.9.3-p484, 2.0 anteriores a 2.0.0-p353, 2.1 ... • https://packetstorm.news/files/id/180519 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 71EXPL: 0CVE-2013-4363
https://notcve.org/view.php?id=CVE-2013-4363
17 Oct 2013 — Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. Vulnerabilidad en la complejidad algo... • http://blog.rubygems.org/2013/09/24/CVE-2013-4363.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 2%CPEs: 59EXPL: 0CVE-2013-4287 – rubygems: version regex algorithmic complexity vulnerability
https://notcve.org/view.php?id=CVE-2013-4287
16 Oct 2013 — Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. Vulnerabilidad en la complejidad algorítmicade Gem :: Versión :: VERSION_PATTERN en lib / rubygems / version.rb... • http://blog.rubygems.org/2013/09/09/CVE-2013-4287.html • CWE-310: Cryptographic Issues CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2013-5647
https://notcve.org/view.php?id=CVE-2013-5647
29 Aug 2013 — lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. lib/sounder/sound.rb en Sounder Gem v1.0.1 para Ruby permite a atacantes remotos ejecutar código arbitrario a través de metacaracteres de shell en un nombre de archivo. • http://vapid.dhs.org/advisories/sounder-ruby-gem-cmd-inj.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-4136 – rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories
https://notcve.org/view.php?id=CVE-2013-4136
05 Aug 2013 — ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/. ext/common/ServerInstanceDir.h en Phusion Passenger gem anteriores a 4.0.6 para Ruby permite a usuarios locales obtener privilegios o posiblemente cambiar el propietario de directorios arbitrarios a través de un ataque de enlaces simbólicos sobre un directorio con nom... • http://rhn.redhat.com/errata/RHSA-2013-1136.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •