Vulmon
rest-client project rest-client vulnerabilities and exploits
7.5
CVSSv2
CVE-2019-15224
The rest-client gem 1.6.10 up to and including 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
Rest-client Project Rest-client
1 Article
7.5
CVSSv2
CVE-2015-1820
REST client for Ruby (aka rest-client) prior to 1.8.0 allows remote malicious users to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
Rest-client Project Rest-client
2.1
CVSSv2
CVE-2015-3448
REST client for Ruby (aka rest-client) prior to 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Rest-client Project Rest-client
NA
CVE-2024-25503
Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote malicious user to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function.