Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang ruby 1.8.7-330 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1005
The safe-level feature in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, and 1.8.8dev allows context-dependent malicious users to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Ruby-lang Ruby 1.8.6-420
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.8.6
NA
CVE-2011-2686
Ruby prior to 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
NA
CVE-2011-2705
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby prior to 1.8.7-p352 and 1.9.x prior to 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent malicious users to predict the result string by leveraging knowledge of ran...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.2-p180
Ruby-lang Ruby 1.9.2-p136
NA
CVE-2011-1004
The FileUtils.remove_entry_secure method in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, 1.8.8dev, 1.9.1 up to and including 1.9.1-430, 1.9.2 up to and including 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink a...
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.8.6
NA
CVE-2013-1821
lib/rexml/text.rb in the REXML parser in Ruby prior to 1.9.3-p392 allows remote malicious users to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9
Ruby-lang Ruby
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.0
NA
CVE-2012-4481
The safe-level feature in Ruby 1.8.7 allows context-dependent malicious users to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
Ruby-lang Ruby 1.8.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started