Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang ruby 1.8.7 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3655
Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent malicious users to bypass...
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.6.8
2 EDB exploits
7.8
CVSSv2
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows...
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.6.8
1 EDB exploit
7.5
CVSSv2
CVE-2008-3657
The dl module in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent malicious users to bypass safe levels and execute da...
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.6.8
1 EDB exploit
5
CVSSv2
CVE-2008-3443
The regular expression engine (regex.c) in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows remote malicious users to cause a denial of service (infinite loop and crash) via multiple long re...
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.6.8
1 EDB exploit
4.3
CVSSv2
CVE-2012-4481
The safe-level feature in Ruby 1.8.7 allows context-dependent malicious users to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
Ruby-lang Ruby 1.8.7
5
CVSSv2
CVE-2013-1821
lib/rexml/text.rb in the REXML parser in Ruby prior to 1.9.3-p392 allows remote malicious users to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9
Ruby-lang Ruby
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.0
5
CVSSv2
CVE-2008-1891
Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2, when using NTFS or FAT filesystems, allows remote malicious users to read arbitrary CGI fi...
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby
Ruby-lang Ruby 1.8.6
7.5
CVSSv2
CVE-2009-4492
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, ...
Ruby-lang Webrick 1.3.1
1 EDB exploit
4.3
CVSSv2
CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems prior to 1.8.23.2, 1.8.24 up to and including 1.8.26, 2.0.x prior to 2.0.10, and 2.1.x prior to 2.1.5, as used in Ruby 1.9.0 up to and including 2.0.0p247, allows...
Rubygems Rubygems 1.8.24
Rubygems Rubygems 1.8.16
Rubygems Rubygems 2.1.0
Rubygems Rubygems 2.0.0
Rubygems Rubygems 2.0.6
Rubygems Rubygems 1.8.20
Rubygems Rubygems 1.8.0
Rubygems Rubygems 2.0.5
Rubygems Rubygems 2.0.4
Rubygems Rubygems 1.8.8
Rubygems Rubygems 1.8.12
Rubygems Rubygems 1.8.22
Rubygems Rubygems 1.8.17
Rubygems Rubygems 2.1.1
Rubygems Rubygems 1.8.15
Rubygems Rubygems 1.8.5
Rubygems Rubygems 2.1.4
Rubygems Rubygems 1.8.21
Rubygems Rubygems 1.8.2
Rubygems Rubygems 1.8.26
Rubygems Rubygems 1.8.9
Rubygems Rubygems 2.0.3
7.8
CVSSv2
CVE-2008-2726
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent malicious user...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »