All the vulnerabilites related to Ruby - Ruby
jvndb-2006-000753
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby cgi.rb Denial of Service Vulnerability
Details
The cig.rb class in Ruby cannot handle HTTP requests with MIME multipart data set with an invalid boundry, which could trigger an infinate loop and result in consuming a large amount of CPU respurces.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "The cig.rb class in Ruby cannot handle HTTP requests with MIME multipart data set with an invalid boundry, which could trigger an infinate loop and result in consuming a large amount of CPU respurces.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_appliance_server", "@product": "Turbolinux Appliance Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_fuji", "@product": "Turbolinux FUJI", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_multimedia", "@product": "Turbolinux Multimedia", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_personal", "@product": "Turbolinux Personal", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000753", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467", "@id": "CVE-2006-5467", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5467", "@id": "CVE-2006-5467", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/13123/", "@id": "SA13123", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/20777", "@id": "20777", "@source": "BID" }, { "#text": "http://www.frsirt.com/english/advisories/2006/4244", "@id": "FrSIRT/ADV-2006-4244", "@source": "FRSIRT" } ], "title": "Ruby cgi.rb Denial of Service Vulnerability" }
jvndb-2006-000392
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.
Details
Safe level is a security model provided by Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods (ex. destructive methods) was confirmed.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000392.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Safe level is a security model provided by Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods (ex. destructive methods) was confirmed.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000392.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "1.2", "@severity": "Low", "@type": "Base", "@vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000392", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN13947696/index.html", "@id": "JVN#13947696", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694", "@id": "CVE-2006-3694", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3694", "@id": "CVE-2006-3694", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/21009/", "@id": "SA21009", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/18944", "@id": "18944", "@source": "BID" }, { "#text": "http://www.frsirt.com/english/advisories/2006/2760", "@id": "FrSIRT/ADV-2006-2760", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-DesignError", "@title": "No Mapping(CWE-DesignError)" } ], "title": "Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox." }
jvndb-2012-000066
Vulnerability from jvndb
Published
2012-07-06 17:11
Modified
2012-07-06 17:11
Summary
Ruby hash table implementation vulnerable to denial-of-service
Details
The hash table implementation in Ruby contains a denial-of-service (DoS) vulnerability.
The hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service (DoS) attack may be conducted.
Tanaka Akira of National Institute of Advanced Industrial Science and Technology (AIST) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
▼ | Type | URL |
---|---|---|
JVN | http://jvn.jp/en/jp/JVN90615481/index.html | |
JVN | http://jvn.jp/cert/JVNVU692779/ | |
CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815 | |
NVD | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4815 | |
IPA SECURITY ALERTS | http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html | |
CERT-VN | http://www.kb.cert.org/vuls/id/903934 | |
Resource Management Errors(CWE-399) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000066.html", "dc:date": "2012-07-06T17:11+09:00", "dcterms:issued": "2012-07-06T17:11+09:00", "dcterms:modified": "2012-07-06T17:11+09:00", "description": "The hash table implementation in Ruby contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service (DoS) attack may be conducted.\r\n\r\nTanaka Akira of National Institute of Advanced Industrial Science and Technology (AIST) reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000066.html", "sec:cpe": { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2012-000066", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN90615481/index.html", "@id": "JVN#90615481", "@source": "JVN" }, { "#text": "http://jvn.jp/cert/JVNVU692779/", "@id": "JVNVU#692779", "@source": "JVN" }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815", "@id": "CVE-2011-4815", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4815", "@id": "CVE-2011-4815", "@source": "NVD" }, { "#text": "http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html", "@id": "20120106-web", "@source": "IPA SECURITY ALERTS" }, { "#text": "http://www.kb.cert.org/vuls/id/903934", "@id": "VU#903934", "@source": "CERT-VN" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-399", "@title": "Resource Management Errors(CWE-399)" } ], "title": "Ruby hash table implementation vulnerable to denial-of-service" }
jvndb-2005-000396
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby XMLRPC Arbitrary Command Execution Vulnerability
Details
utils.rb in The Ruby XMLRPC server sets an insecure default value for the public_instance_methods function, which could cause the highly privileged function to be exposed.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000396.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "utils.rb in The Ruby XMLRPC server sets an insecure default value for the public_instance_methods function, which could cause the highly privileged function to be exposed.", "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000396.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2005-000396", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1992", "@id": "CVE-2005-1992", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-1992", "@id": "CVE-2005-1992", "@source": "NVD" }, { "#text": "http://www.kb.cert.org/vuls/id/684913", "@id": "VU#684913", "@source": "CERT-VN" }, { "#text": "http://secunia.com/advisories/15767/", "@id": "SA15767", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/14016", "@id": "14016", "@source": "BID" }, { "#text": "http://securitytracker.com/alerts/2005/Jun/1014253.html", "@id": "1014253", "@source": "SECTRACK" }, { "#text": "http://www.frsirt.com/english/advisories/2005/0833", "@id": "FrSIRT/ADV-2005-0833", "@source": "FRSIRT" } ], "title": "Ruby XMLRPC Arbitrary Command Execution Vulnerability" }
jvndb-2004-000323
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby CGI Session Management Insecure File Permission Vulnerability
Details
Ruby uses CGI::Session's FileStore. FileStore creates a session file with improper permission and this could lead to session information leak.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Ruby uses CGI::Session\u0027s FileStore. FileStore creates a session file with improper permission and this could lead to session information leak.", "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_workstation", "@product": "Turbolinux Workstation", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "2.1", "@severity": "Low", "@type": "Base", "@vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2004-000323", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755", "@id": "CVE-2004-0755", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0755", "@id": "CVE-2004-0755", "@source": "NVD" }, { "#text": "http://www.securityfocus.com/bid/10946", "@id": "10946", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/16996", "@id": "16996", "@source": "XF" } ], "title": "Ruby CGI Session Management Insecure File Permission Vulnerability" }
jvndb-2004-000473
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby cgi.rb Denial of Service Vulnerability
Details
Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service (DoS) due to improper input validation.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service (DoS) due to improper input validation.", "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_workstation", "@product": "Turbolinux Workstation", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2004-000473", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983", "@id": "CVE-2004-0983", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0983", "@id": "CVE-2004-0983", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/13123/", "@id": "SA13123", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/11618", "@id": "11618", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/17985", "@id": "17985", "@source": "XF" }, { "#text": "http://securitytracker.com/id?1012120", "@id": "1012120", "@source": "SECTRACK" } ], "title": "Ruby cgi.rb Denial of Service Vulnerability" }
jvndb-2005-000695
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby XMLRPC Server Denial of Service Vulnerability
Details
The User-level thread supported in Ruby does not switch while writing to a socket. This in turn blocks all subsequent procrsses when specially crafted requests are sent to the Web server and could result in a denial of service.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000695.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "The User-level thread supported in Ruby does not switch while writing to a socket. This in turn blocks all subsequent procrsses when specially crafted requests are sent to the Web server and could result in a denial of service.", "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000695.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2005-000695", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1931", "@id": "CVE-2006-1931", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1931", "@id": "CVE-2006-1931", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/16904/", "@id": "SA16904", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/17645", "@id": "17645", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/26102", "@id": "26102", "@source": "XF" }, { "#text": "http://securitytracker.com/id?1015978", "@id": "1015978", "@source": "SECTRACK" }, { "#text": "http://www.osvdb.org/24972", "@id": "24972", "@source": "OSVDB" } ], "title": "Ruby XMLRPC Server Denial of Service Vulnerability" }
jvndb-2006-000858
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox
Details
Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's alias function.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000858.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby\u0027s alias function.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000858.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "1.2", "@severity": "Low", "@type": "Base", "@vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000858", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN83768862/index.html", "@id": "JVN#83768862", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694", "@id": "CVE-2006-3694", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3694", "@id": "CVE-2006-3694", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/21009/", "@id": "SA21009", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/18944", "@id": "18944", "@source": "BID" }, { "#text": "http://www.frsirt.com/english/advisories/2006/2760", "@id": "FrSIRT/ADV-2006-2760", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-DesignError", "@title": "No Mapping(CWE-DesignError)" } ], "title": "Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox" }
jvndb-2006-000808
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-11-14 12:20
Summary
Denial of service vulnerability in Ruby CGI library (cgi.rb)
Details
cgi.rb, a standard library in Ruby, contains a denial of service vulnerability.
This vulnerability is different from CVE-2006-5467.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html", "dc:date": "2008-11-14T12:20+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-11-14T12:20+09:00", "description": "cgi.rb, a standard library in Ruby, contains a denial of service vulnerability.\r\n\r\nThis vulnerability is different from CVE-2006-5467.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux_desktop", "@product": "Red Hat Enterprise Linux Desktop", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_appliance_server", "@product": "Turbolinux Appliance Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_fuji", "@product": "Turbolinux FUJI", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_multimedia", "@product": "Turbolinux Multimedia", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_personal", "@product": "Turbolinux Personal", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000808", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN84798830/index.html", "@id": "JVN#84798830", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6303", "@id": "CVE-2006-6303", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6303", "@id": "CVE-2006-6303", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/13123/", "@id": "SA13123", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/21441", "@id": "21441", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/30734", "@id": "30734", "@source": "XF" }, { "#text": "http://securitytracker.com/id?1017363", "@id": "1017363", "@source": "SECTRACK" }, { "#text": "http://www.frsirt.com/english/advisories/2006/4855", "@id": "FrSIRT/ADV-2006-4855", "@source": "FRSIRT" }, { "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000808.html", "@id": "JVNDB-2006-000808", "@source": "JVNDB_Ja" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-399", "@title": "Resource Management Errors(CWE-399)" } ], "title": "Denial of service vulnerability in Ruby CGI library (cgi.rb)" }
jvndb-2005-000538
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ruby vulnerability allowing to bypass safe level 4 as a sandbox
Details
Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: "object taint" and "safe level". Ruby contains a vulnerability that may allow an attacker to execute an arbitrary script by bypassing the "safe level" checks.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000538.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: \"object taint\" and \"safe level\". Ruby contains a vulnerability that may allow an attacker to execute an arbitrary script by bypassing the \"safe level\" checks.", "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000538.html", "sec:cpe": [ { "#text": "cpe:/a:ruby-lang:ruby", "@product": "Ruby", "@vendor": "Ruby", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "4.4", "@severity": "Medium", "@type": "Base", "@vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2005-000538", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN62914675/index.html", "@id": "JVN#62914675", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2337", "@id": "CVE-2005-2337", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2337", "@id": "CVE-2005-2337", "@source": "NVD" }, { "#text": "http://www.kb.cert.org/vuls/id/160012", "@id": "VU#160012", "@source": "CERT-VN" }, { "#text": "http://www.securityfocus.com/bid/14909", "@id": "14909", "@source": "BID" } ], "title": "Ruby vulnerability allowing to bypass safe level 4 as a sandbox" }
cve-2016-2336
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.talosintelligence.com/reports/TALOS-2016-0029/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:24:48.901Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ruby", "vendor": "Ruby", "versions": [ { "status": "affected", "version": "2.3.0 dev" }, { "status": "affected", "version": "2.2.2" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Type confusion exists in two methods of Ruby\u0027s WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "type confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-06T20:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-2336", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Ruby", "version": { "version_data": [ { "version_value": "2.3.0 dev" }, { "version_value": "2.2.2" } ] } } ] }, "vendor_name": "Ruby" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Type confusion exists in two methods of Ruby\u0027s WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "type confusion" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0029/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-2336", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-02-12T00:00:00", "dateUpdated": "2024-08-05T23:24:48.901Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-2339
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
References
▼ | URL | Tags |
---|---|---|
https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/91234 | vdb-entry, x_refsource_BID | |
http://www.talosintelligence.com/reports/TALOS-2016-0034/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:24:48.934Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html" }, { "name": "91234", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91234" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ruby", "vendor": "Ruby", "versions": [ { "status": "affected", "version": "2.3.0 dev" }, { "status": "affected", "version": "2.2.2" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "heap overflow vulnerability", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-14T09:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html" }, { "name": "91234", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91234" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-2339", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Ruby", "version": { "version_data": [ { "version_value": "2.3.0 dev" }, { "version_value": "2.2.2" } ] } } ] }, "vendor_name": "Ruby" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "heap overflow vulnerability" } ] } ] }, "references": { "reference_data": [ { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html" }, { "name": "91234", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91234" }, { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0034/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-2339", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-02-12T00:00:00", "dateUpdated": "2024-08-05T23:24:48.934Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-2337
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.talosintelligence.com/reports/TALOS-2016-0031/ | x_refsource_MISC | |
http://www.securityfocus.com/bid/91233 | vdb-entry, x_refsource_BID | |
https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/201710-18 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:24:49.158Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/" }, { "name": "91233", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91233" }, { "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html" }, { "name": "GLSA-201710-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201710-18" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ruby", "vendor": "Ruby", "versions": [ { "status": "affected", "version": "2.3.0 dev" }, { "status": "affected", "version": "2.2.2" } ] }, { "product": "Tcl/Tk", "vendor": "Tcl", "versions": [ { "status": "affected", "version": "8.6 or later" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Type confusion exists in _cancel_eval Ruby\u0027s TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "type confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-28T09:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/" }, { "name": "91233", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91233" }, { "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html" }, { "name": "GLSA-201710-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201710-18" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-2337", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Ruby", "version": { "version_data": [ { "version_value": "2.3.0 dev" }, { "version_value": "2.2.2" } ] } } ] }, "vendor_name": "Ruby" }, { "product": { "product_data": [ { "product_name": "Tcl/Tk", "version": { "version_data": [ { "version_value": "8.6 or later" } ] } } ] }, "vendor_name": "Tcl" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Type confusion exists in _cancel_eval Ruby\u0027s TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "type confusion" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0031/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/" }, { "name": "91233", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91233" }, { "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html" }, { "name": "GLSA-201710-18", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-18" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-2337", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-02-12T00:00:00", "dateUpdated": "2024-08-05T23:24:49.158Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-3624
Vulnerability from cvelistv5
Published
2019-11-26 02:50
Modified
2024-08-06 23:37
Severity ?
EPSS score ?
Summary
Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.
References
▼ | URL | Tags |
---|---|---|
https://security-tracker.debian.org/tracker/CVE-2011-3624 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624 | x_refsource_MISC | |
https://access.redhat.com/security/cve/cve-2011-3624 | x_refsource_MISC | |
https://redmine.ruby-lang.org/issues/5418 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:37:48.555Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2011-3624" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2011-3624" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.ruby-lang.org/issues/5418" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ruby", "vendor": "Ruby", "versions": [ { "status": "affected", "version": "1.9.2" }, { "status": "affected", "version": "1.8.7 and earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header." } ], "problemTypes": [ { "descriptions": [ { "description": "UNKNOWN_TYPE", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-11T21:51:22", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2011-3624" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/cve-2011-3624" }, { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.ruby-lang.org/issues/5418" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-3624", "datePublished": "2019-11-26T02:50:40", "dateReserved": "2011-09-21T00:00:00", "dateUpdated": "2024-08-06T23:37:48.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-1855
Vulnerability from cvelistv5
Published
2019-11-29 20:46
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
References
▼ | URL | Tags |
---|---|---|
http://www.debian.org/security/2015/dsa-3247 | x_refsource_MISC | |
http://www.debian.org/security/2015/dsa-3245 | x_refsource_MISC | |
http://www.debian.org/security/2015/dsa-3246 | x_refsource_MISC | |
https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ | x_refsource_MISC | |
https://puppetlabs.com/security/cve/cve-2015-1855 | x_refsource_MISC | |
https://bugs.ruby-lang.org/issues/9644 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:54:16.307Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3247" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3245" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3246" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://puppetlabs.com/security/cve/cve-2015-1855" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.ruby-lang.org/issues/9644" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ruby", "vendor": "Ruby", "versions": [ { "status": "affected", "version": "before 2.0.0 patchlevel 645" }, { "status": "affected", "version": "2.1.x before 2.1.6" }, { "status": "affected", "version": "and 2.2.x before 2.2.2" } ] } ], "datePublic": "2015-05-02T00:00:00", "descriptions": [ { "lang": "en", "value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-29T20:46:48", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.debian.org/security/2015/dsa-3247" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.debian.org/security/2015/dsa-3245" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.debian.org/security/2015/dsa-3246" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://puppetlabs.com/security/cve/cve-2015-1855" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.ruby-lang.org/issues/9644" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1855", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Ruby", "version": { "version_data": [ { "version_value": "before 2.0.0 patchlevel 645" }, { "version_value": "2.1.x before 2.1.6" }, { "version_value": "and 2.2.x before 2.2.2" } ] } } ] }, "vendor_name": "Ruby" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.debian.org/security/2015/dsa-3247", "refsource": "MISC", "url": "http://www.debian.org/security/2015/dsa-3247" }, { "name": "http://www.debian.org/security/2015/dsa-3245", "refsource": "MISC", "url": "http://www.debian.org/security/2015/dsa-3245" }, { "name": "http://www.debian.org/security/2015/dsa-3246", "refsource": "MISC", "url": "http://www.debian.org/security/2015/dsa-3246" }, { "name": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/", "refsource": "MISC", "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/" }, { "name": "https://puppetlabs.com/security/cve/cve-2015-1855", "refsource": "MISC", "url": "https://puppetlabs.com/security/cve/cve-2015-1855" }, { "name": "https://bugs.ruby-lang.org/issues/9644", "refsource": "MISC", "url": "https://bugs.ruby-lang.org/issues/9644" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-1855", "datePublished": "2019-11-29T20:46:48", "dateReserved": "2015-02-17T00:00:00", "dateUpdated": "2024-08-06T04:54:16.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }