Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rest-client project rest-client vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-15224
The rest-client gem 1.6.10 up to and including 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
Rest-client Project Rest-client
1 Article
9.8
CVSSv3
CVE-2015-1820
REST client for Ruby (aka rest-client) prior to 1.8.0 allows remote malicious users to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
Rest-client Project Rest-client
NA
CVE-2024-25503
Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote malicious user to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function.
NA
CVE-2015-3448
REST client for Ruby (aka rest-client) prior to 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Rest-client Project Rest-client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started