Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang ruby 2.1.1 vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2014-2734
The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote malicious users to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence ...
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.1.1
Ruby-lang Ruby 2.0
Ruby-lang Ruby 2.1
1 Github repository
668
VMScore
CVE-2009-5147
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 prior to 2.1.8 opens libraries with tainted names.
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.1.4
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 2.1.3
Ruby-lang Ruby 2.1.0
Ruby-lang Ruby 2.1.7
Ruby-lang Ruby 2.1.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 2.1.6
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 2.1.2
Ruby-lang Ruby 2.1.5
1 Github repository
410
VMScore
CVE-2015-7551
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby prior to 2.0.0-p648, 2.1 prior to 2.1.8, and 2.2 prior to 2.2.4, as distributed in Apple OS X prior to 10.11.4 and other products, mishandles tainting, which allows context-dependent malicious users to execute arbit...
Apple Mac Os X
Ruby-lang Ruby 2.2.0
Ruby-lang Ruby 2.1.4
Ruby-lang Ruby 2.1.3
Ruby-lang Ruby 2.1.0
Ruby-lang Ruby 2.1.7
Ruby-lang Ruby
Ruby-lang Ruby 2.1.1
Ruby-lang Ruby 2.1.6
Ruby-lang Ruby 2.2.3
Ruby-lang Ruby 2.1.2
Ruby-lang Ruby 2.2.1
Ruby-lang Ruby 2.1.5
Ruby-lang Ruby 2.2.2
3 Github repositories
445
VMScore
CVE-2015-3900
RubyGems 2.0.x prior to 2.0.16, 2.2.x prior to 2.2.4, and 2.4.x prior to 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote malicious users to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hij...
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.2.0
Ruby-lang Ruby 2.1.4
Ruby-lang Ruby 2.1.3
Ruby-lang Ruby 2.1.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9
Ruby-lang Ruby 2.1.2
Ruby-lang Ruby 2.1
Ruby-lang Ruby 2.1.5
Rubygems Rubygems 2.4.3
Rubygems Rubygems 2.2.1
Rubygems Rubygems 2.2.2
Rubygems Rubygems 2.0.13
Rubygems Rubygems 2.0.6
Rubygems Rubygems 2.0.15
Rubygems Rubygems 2.0.5
Rubygems Rubygems 2.0.4
Rubygems Rubygems 2.2.0
Rubygems Rubygems 2.4.5
1 Github repository
1 Article
383
VMScore
CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems prior to 1.8.23.2, 1.8.24 up to and including 1.8.26, 2.0.x prior to 2.0.10, and 2.1.x prior to 2.1.5, as used in Ruby 1.9.0 up to and including 2.0.0p247, allows...
Rubygems Rubygems 1.8.24
Rubygems Rubygems 1.8.16
Rubygems Rubygems 2.1.0
Rubygems Rubygems 2.0.0
Rubygems Rubygems 2.0.6
Rubygems Rubygems 1.8.20
Rubygems Rubygems 1.8.0
Rubygems Rubygems 2.0.5
Rubygems Rubygems 2.0.4
Rubygems Rubygems 1.8.8
Rubygems Rubygems 1.8.12
Rubygems Rubygems 1.8.22
Rubygems Rubygems 1.8.17
Rubygems Rubygems 2.1.1
Rubygems Rubygems 1.8.15
Rubygems Rubygems 1.8.5
Rubygems Rubygems 2.1.4
Rubygems Rubygems 1.8.21
Rubygems Rubygems 1.8.2
Rubygems Rubygems 1.8.26
Rubygems Rubygems 1.8.9
Rubygems Rubygems 2.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started