Количество 19
Количество 19
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...
GHSA-wr95-679j-87v9
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
BDU:2021-04565
Уязвимость реализации класса Net::FTP интерпретатора Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
openSUSE-SU-2021:3838-1
Security update for ruby2.5
openSUSE-SU-2021:1535-1
Security update for ruby2.5
SUSE-SU-2021:3838-1
Security update for ruby2.5
RLSA-2022:0672
Moderate: ruby:2.5 security update
ELSA-2022-0672
ELSA-2022-0672: ruby:2.5 security update (MODERATE)
ELSA-2022-0672-1
ELSA-2022-0672-1: ruby:2.5 security update (MODERATE)
SUSE-SU-2021:3837-1
Security update for ruby2.1
ROS-20240723-03
Множественные уязвимости ruby
RLSA-2021:3020
Important: ruby:2.7 security update
ELSA-2021-3020
ELSA-2021-3020: ruby:2.7 security update (IMPORTANT)
SUSE-SU-2022:1512-1
Security update for ruby2.5
RLSA-2022:0543
Important: ruby:2.6 security update
ELSA-2022-0543
ELSA-2022-0543: ruby:2.6 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | около 4 лет назад |
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.4 | 1% Низкий | около 4 лет назад |
 | CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | около 4 лет назад |
| CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ... | CVSS3: 5.8 | 1% Низкий | около 4 лет назад |
| GHSA-wr95-679j-87v9 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | CVSS3: 5.8 | 1% Низкий | около 3 лет назад |
 | BDU:2021-04565 Уязвимость реализации класса Net::FTP интерпретатора Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
 | openSUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
| openSUSE-SU-2021:1535-1 Security update for ruby2.5 | больше 3 лет назад | ||
| SUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
 | RLSA-2022:0672 Moderate: ruby:2.5 security update | больше 3 лет назад | ||
| ELSA-2022-0672 ELSA-2022-0672: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| ELSA-2022-0672-1 ELSA-2022-0672-1: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| SUSE-SU-2021:3837-1 Security update for ruby2.1 | больше 3 лет назад | ||
 | ROS-20240723-03 Множественные уязвимости ruby | CVSS3: 6.5 | около 1 года назад | |
| RLSA-2021:3020 Important: ruby:2.7 security update | около 4 лет назад | ||
| ELSA-2021-3020 ELSA-2021-3020: ruby:2.7 security update (IMPORTANT) | около 4 лет назад | ||
| SUSE-SU-2022:1512-1 Security update for ruby2.5 | больше 3 лет назад | ||
| RLSA-2022:0543 Important: ruby:2.6 security update | больше 3 лет назад | ||
| ELSA-2022-0543 ELSA-2022-0543: ruby:2.6 security update (IMPORTANT) | больше 3 лет назад |
Уязвимостей на страницу