Количество 25
Количество 25
RLSA-2021:2584
Moderate: ruby:2.7 security, bug fix, and enhancement update
ELSA-2021-2584
ELSA-2021-2584: ruby:2.7 security, bug fix, and enhancement update (MODERATE)
RLSA-2021:2587
Moderate: ruby:2.5 security, bug fix, and enhancement update
ELSA-2021-2587
ELSA-2021-2587: ruby:2.5 security, bug fix, and enhancement update (MODERATE)
RLSA-2021:2588
Moderate: ruby:2.6 security, bug fix, and enhancement update
ELSA-2021-2588
ELSA-2021-2588: ruby:2.6 security, bug fix, and enhancement update (MODERATE)
CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
CVE-2021-28965
CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, a ...
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.
CVE-2020-25613
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, an ...
openSUSE-SU-2021:0607-1
Security update for ruby2.5
SUSE-SU-2021:1280-1
Security update for ruby2.5
GHSA-8cr8-4vfw-mr7h
REXML round-trip instability
BDU:2022-00302
Уязвимость интерпретатора языка программирования Ruby, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю оказать воздействие на целостность данных
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2021:2584 Moderate: ruby:2.7 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-2584 ELSA-2021-2584: ruby:2.7 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад | ||
| RLSA-2021:2587 Moderate: ruby:2.5 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-2587 ELSA-2021-2587: ruby:2.5 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад | ||
| RLSA-2021:2588 Moderate: ruby:2.6 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-2588 ELSA-2021-2588: ruby:2.6 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад | ||
 | CVE-2021-28965 The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-28965 The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-28965 The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад | |
| CVE-2021-28965 The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, a ... | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | CVSS3: 7.5 | 0% Низкий | почти 5 лет назад |
| CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | CVSS3: 7.5 | 0% Низкий | почти 5 лет назад |
| CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | CVSS3: 7.5 | 0% Низкий | почти 5 лет назад |
| CVSS3: 7.5 | 0% Низкий | почти 5 лет назад | |
| CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, an ... | CVSS3: 7.5 | 0% Низкий | почти 5 лет назад |
 | openSUSE-SU-2021:0607-1 Security update for ruby2.5 | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:1280-1 Security update for ruby2.5 | 0% Низкий | больше 4 лет назад | |
| GHSA-8cr8-4vfw-mr7h REXML round-trip instability | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | BDU:2022-00302 Уязвимость интерпретатора языка программирования Ruby, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу