Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubygems mail gem vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-2139
Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem prior to 2.4.4 for Ruby allows remote malicious users to read arbitrary files via a .. (dot dot) in the to parameter.
Rubygems Mail Gem
Rubygems Mail Gem 2.4.1
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
7.5
CVSSv2
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
4.3
CVSSv2
CVE-2015-9096
Net::SMTP in Ruby prior to 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
Ruby-lang Ruby
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started