CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28756 – ruby: ReDoS vulnerability in Time
https://notcve.org/view.php?id=CVE-2023-28756
31 Mar 2023 — A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. A flaw was found in the Time gem and Time library of Ruby. • https://github.com/ruby/time/releases • CWE-20: Improper Input Validation CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0CVE-2023-22795 – rubygem-actionpack: Denial of Service in Action Dispatch
https://notcve.org/view.php?id=CVE-2023-22795
09 Feb 2023 — A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. A flaw ... • https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-28739 – ruby: Buffer overrun in String-to-Float conversion
https://notcve.org/view.php?id=CVE-2022-28739
09 May 2022 — There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. Se presenta una lectura excesiva del búfer en Ruby versiones anteriores a 2.6.10, 2.7.x versiones anteriores a 2.7.6, 3.x versiones anteriores a 3.0.4 y 3.1.x versiones anteriores a 3.1.2. Es producida en la conversión String-to-Float, incluyendo Kernel#Float y String#to_f A buffer overrun vulnerability was found in ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1CVE-2021-41819 – ruby: Cookie prefix spoofing in CGI::Cookie.parse
https://notcve.org/view.php?id=CVE-2021-41819
01 Jan 2022 — CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. CGI::Cookie.parse en Ruby versiones hasta 2.6.8, maneja inapropiadamente los prefijos de seguridad en los nombres de las cookies. Esto también afecta a CGI gem versiones hasta 0.3.0 para Ruby. A flaw was found in Ruby. • https://hackerone.com/reports/910552 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2021-41817 – ruby: Regular expression denial of service vulnerability of Date parsing methods
https://notcve.org/view.php?id=CVE-2021-41817
01 Jan 2022 — Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. Date.parse en date gem versiones hasta 3.2.0 para Ruby, permite ReDoS (expresión regular de denegación de servicio) por medio de una cadena larga. Las versiones corregidas son 3.2.1, 3.1.2, 3.0.2 y 2.0.1. A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service (ReDoS) during... • https://hackerone.com/reports/1254844 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-28966
https://notcve.org/view.php?id=CVE-2021-28966
27 Jul 2021 — In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir. En Ruby versiones hasta 3.0 en Windows, un atacante remoto puede enviar una ruta diseñada cuando una aplicación web maneja un parámetro con TmpDir • https://hackerone.com/reports/1131465 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31799 – rubygem-rdoc: Command injection vulnerability in RDoc
https://notcve.org/view.php?id=CVE-2021-31799
21 Jul 2021 — In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. En RDoc versiones 3.11 hasta 6.x versiones anteriores a 6.3.1, como se distribuye con Ruby versiones hasta 3.0.1, es posible ejecutar código arbitrario por medio de | y etiquetas en un nombre de archivo An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to e... • https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 1CVE-2021-32066 – ruby: StartTLS stripping vulnerability in Net::IMAP
https://notcve.org/view.php?id=CVE-2021-32066
21 Jul 2021 — An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." Se ha detectado un problema en Ruby versiones hasta 2.6.7, versiones 2.7.x hasta 2.7.3, y versiones 3.x hasta 3.0.1. Net::I... • https://github.com/ruby/ruby/commit/a21a3b7d23704a01d34bd79d09dc37897e00922a • CWE-319: Cleartext Transmission of Sensitive Information CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-31810 – ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host
https://notcve.org/view.php?id=CVE-2021-31810
13 Jul 2021 — An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). Se ha detectado un problema en Ruby versiones hasta 2.6.7, versiones 2.7.x hasta 2.7.3, y versiones 3.x hasta 3.0.1. ... • https://hackerone.com/reports/1145454 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-28965 – ruby: XML round-trip vulnerability in REXML
https://notcve.org/view.php?id=CVE-2021-28965
21 Apr 2021 — The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. El REXML gem versiones anteriores a 3.2.5 en Ruby versiones anteriores a 2.6.7, versiones 2.7.x anteriores a 2.7.3 y versiones 3.x anteriores a 3.0.1, no aborda apropiadamente los problemas round-trip de XML. Puede ser producido un documento incorrecto después de analizarlo y serializarlo A flaw wa... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT • CWE-611: Improper Restriction of XML External Entity Reference •