Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang rexml vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2011-1005
The safe-level feature in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, and 1.8.8dev allows context-dependent malicious users to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Ruby-lang Ruby 1.8.6-420
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.8.6
383
VMScore
CVE-2012-4481
The safe-level feature in Ruby 1.8.7 allows context-dependent malicious users to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
Ruby-lang Ruby 1.8.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2