CVSS: 7.5EPSS: 1%CPEs: 34EXPL: 0CVE-2012-4466 – ruby: safe level bypass via name_err_mesg_to_str()
https://notcve.org/view.php?id=CVE-2012-4466
11 Oct 2012 — Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005. Ruby v1.8.7 antes de patchlevel 371, v1.9.3 antes patchlevel 286 y v2.0 antes de la revisión r37068 permite a atacantes dependientes de contexto evitar las restricciones de seguridad de nivel y mo... • http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html • CWE-264: Permissions, Privileges, and Access Controls CWE-266: Incorrect Privilege Assignment •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4481 – ruby: Incomplete fix for CVE-2011-1005 for NameError#to_s method when used on objects
https://notcve.org/view.php?id=CVE-2012-4481
11 Oct 2012 — The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. La funcionalidad safe-level de Ruby v1.8.7 permite a atacantes dependiendo del contexto modificar cadenas a través del método NameError#to_s mientras corren objetos Ruby. NOTA: este problema es debido a una corrección incompleta para CVE-2011-1005. The safe-level feature in Ruby 1.8.7 allows con... • http://rhn.redhat.com/errata/RHSA-2013-0129.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2011-4815 – ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
https://notcve.org/view.php?id=CVE-2011-4815
28 Dec 2011 — Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. Ruby (también conocido como CRuby) anterior a v1.8.7-P357 calcula los valores de hash sin restringir la capacidad de desencadenar colisiones hash predecible, que permite a atacantes dependientes de contexto para causar una denegaci... • http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3009 – ruby: Properly initialize the random number generator when forking new process
https://notcve.org/view.php?id=CVE-2011-3009
05 Aug 2011 — Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. Ruby en versiones anteriores a la 1.8.6-p114 no resetea la semilla aleatoria después de la creacción de procesos ("forking"), lo que facilita a atacantes, dependiendo del contexto, predecir el valor de números aleatorios basándose... • http://redmine.ruby-lang.org/issues/show/4338 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 1%CPEs: 12EXPL: 0CVE-2011-2686 – Ubuntu Security Notice USN-1377-1
https://notcve.org/view.php?id=CVE-2011-2686
05 Aug 2011 — Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development. Ruby en versiones anteriores a la 1.8.7-p352 no resetea la semilla aleatoria después de la creacción de procesos ("forking"), lo que facilita a atacant... • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html • CWE-310: Cryptographic Issues •
CVSS: 7.4EPSS: 1%CPEs: 35EXPL: 0CVE-2011-2705 – ruby: Properly initialize the random number generator when forking new process
https://notcve.org/view.php?id=CVE-2011-2705
05 Aug 2011 — The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID. La función SecureRandom.random_bytes de lib/securerandom.rb de Ruby en versiones anteriores a 1.8.7-p352 y 1.9.x anteriores a 1.9.2-p290 se basa en valores PID para la inicializaci... • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 38EXPL: 0CVE-2011-0188 – ruby: memory corruption in BigDecimal on 64bit platforms
https://notcve.org/view.php?id=CVE-2011-0188
23 Mar 2011 — The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." La función VpMemAlloc en bigdecimal.c en la clase BigDecimal en Ruby v1.9.2-P1... • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html • CWE-189: Numeric Errors •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1004 – Ruby: Symlink race condition by removing directory trees in fileutils module
https://notcve.org/view.php?id=CVE-2011-1004
02 Mar 2011 — The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack. El método FileUtils.remove_entry_secure de Ruby 1.8.6 hasta la versión 1.8.6-420, 1.8.7 hasta la 1.8.7-330, 1.8.8dev, 1.9.1 hasta la 1.9.1-430, 1.9.2 hasta la 1.9.2-136 y 1.9.3dev permite a usuarios locales borrar archivos de su elección a través de un enlace de ataque sim... • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.1EPSS: 4%CPEs: 5EXPL: 1CVE-2011-1005 – Ruby: Untrusted codes able to modify arbitrary strings
https://notcve.org/view.php?id=CVE-2011-1005
02 Mar 2011 — The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. La funcionalidad safe-level de Ruby 1.8.6 hasta la versión 1.8.6-420, 1.8.7 hasta la 1.8.7-330 y 1.8.8dev permite a atacantes, dependiendo del contexto, modificar cadenas de texto a través del método Exception#to_s method, como se ha demostrado cambiando el pathname previsto. Ruby is... • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-2489
https://notcve.org/view.php?id=CVE-2010-2489
09 Jul 2010 — Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files. Desbordamiento de búfer en Ruby v1.9.x anterior v1.9.1-p429 en Windows puede permitir a usuarios locales ganar privilegios mediante un valor ARGF.inplace_mode manipulado que no es correctamente manejado cuando construye los nombres de archivos de los ficheros backup • http://osdir.com/ml/ruby-talk/2010-07/msg00095.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •