Количество 19
Количество 19
BDU:2021-04565
Уязвимость реализации класса Net::FTP интерпретатора Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
ROS-20240723-03
Множественные уязвимости ruby
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...
GHSA-wr95-679j-87v9
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
openSUSE-SU-2021:3838-1
Security update for ruby2.5
openSUSE-SU-2021:1535-1
Security update for ruby2.5
SUSE-SU-2021:3838-1
Security update for ruby2.5
RLSA-2022:0672
Moderate: ruby:2.5 security update
ELSA-2022-0672
ELSA-2022-0672: ruby:2.5 security update (MODERATE)
ELSA-2022-0672-1
ELSA-2022-0672-1: ruby:2.5 security update (MODERATE)
SUSE-SU-2021:3837-1
Security update for ruby2.1
RLSA-2021:3020
Important: ruby:2.7 security update
ELSA-2021-3020
ELSA-2021-3020: ruby:2.7 security update (IMPORTANT)
SUSE-SU-2022:1512-1
Security update for ruby2.5
RLSA-2022:0543
Important: ruby:2.6 security update
ELSA-2022-0543
ELSA-2022-0543: ruby:2.6 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-04565 Уязвимость реализации класса Net::FTP интерпретатора Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 6.5 | 1% Низкий | около 4 лет назад |
 | ROS-20240723-03 Множественные уязвимости ruby | CVSS3: 6.5 | 11 месяцев назад | |
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | почти 4 года назад |
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.4 | 1% Низкий | почти 4 года назад |
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | почти 4 года назад |
| CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ... | CVSS3: 5.8 | 1% Низкий | почти 4 года назад |
| GHSA-wr95-679j-87v9 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | около 3 лет назад |
 | openSUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
| openSUSE-SU-2021:1535-1 Security update for ruby2.5 | больше 3 лет назад | ||
| SUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
 | RLSA-2022:0672 Moderate: ruby:2.5 security update | больше 3 лет назад | ||
| ELSA-2022-0672 ELSA-2022-0672: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| ELSA-2022-0672-1 ELSA-2022-0672-1: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| SUSE-SU-2021:3837-1 Security update for ruby2.1 | больше 3 лет назад | ||
| RLSA-2021:3020 Important: ruby:2.7 security update | почти 4 года назад | ||
| ELSA-2021-3020 ELSA-2021-3020: ruby:2.7 security update (IMPORTANT) | почти 4 года назад | ||
| SUSE-SU-2022:1512-1 Security update for ruby2.5 | около 3 лет назад | ||
| RLSA-2022:0543 Important: ruby:2.6 security update | больше 3 лет назад | ||
| ELSA-2022-0543 ELSA-2022-0543: ruby:2.6 security update (IMPORTANT) | больше 3 лет назад |
Уязвимостей на страницу