Vulmon
ruby-lang ruby 1.9.0 vulnerabilities and exploits
5
CVSSv2
CVE-2009-1904
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent malicious users to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.6
5
CVSSv2
CVE-2008-3790
The REXML module in Ruby 1.8.6 up to and including 1.8.6-p287, 1.8.7 up to and including 1.8.7-p72, and 1.9 allows context-dependent malicious users to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explos...
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9
1 EDB exploit
5
CVSSv2
CVE-2008-3443
The regular expression engine (regex.c) in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows remote malicious users to cause a denial of service (infinite loop and crash) via multiple long re...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.9.0
1 EDB exploit
5
CVSSv2
CVE-2008-1891
Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2, when using NTFS or FAT filesystems, allows remote malicious users to read arbitrary CGI fi...
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby
5
CVSSv2
CVE-2008-1145
Directory traversal vulnerability in WEBrick in Ruby 1.8 prior to 1.8.5-p115 and 1.8.6-p114, and 1.9 up to and including 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote malicious users to access arbitrary f...
Ruby-lang Webrick -
Fedoraproject Fedora 8
Fedoraproject Fedora 7
1 EDB exploit
5
CVSSv2
CVE-2007-5770
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote malici...
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
4.3
CVSSv2
CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems prior to 1.8.23.2, 1.8.24 up to and including 1.8.26, 2.0.x prior to 2.0.10, and 2.1.x prior to 2.1.5, as used in Ruby 1.9.0 up to and including 2.0.0p247, allows...
Rubygems Rubygems 2.1.4
Rubygems Rubygems
Rubygems Rubygems 2.0.2
Rubygems Rubygems 2.0.3
Rubygems Rubygems 1.8.24
Rubygems Rubygems 1.8.25
Rubygems Rubygems 1.8.13
Rubygems Rubygems 1.8.14
Rubygems Rubygems 1.8.21
Rubygems Rubygems 1.8.22
Rubygems Rubygems 1.8.9
Rubygems Rubygems 2.1.0
Rubygems Rubygems 2.0.0
Rubygems Rubygems 2.0.4
Rubygems Rubygems 2.0.5
Rubygems Rubygems 1.8.26
Rubygems Rubygems 1.8.0
Rubygems Rubygems 1.8.15
Rubygems Rubygems 1.8.16
Rubygems Rubygems 1.8.17
Rubygems Rubygems 1.8.3
Rubygems Rubygems 1.8.4
4.3
CVSSv2
CVE-2007-5162
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote malicious users to ...
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6