Количество 30
Количество 30
CVE-2019-8325
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
CVE-2019-8325
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...
CVE-2019-8323
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
CVE-2019-8323
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
CVE-2019-8323
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
CVE-2019-8323
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...
GHSA-4wm8-fjv7-j774
RubyGems Escape sequence injection in errors
GHSA-3h4r-pjv6-cph9
RubyGems Escape sequence injection vulnerability in api response handling
BDU:2020-00755
Уязвимость модуля Gem::CommandManage системы управления пакетами RubyGems, связанная с недостаточным экранированием, позволяющая нарушителю нарушить целостность данных
BDU:2020-00754
Уязвимость модуля Gem::GemcutterUtilities системы управления пакетами RubyGems, связанная с выводом содержимого ответа API в стандартный поток вывода, позволяющая нарушителю нарушить целостность данных
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-8325 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-8325 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
 | CVE-2019-8323 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
 | CVE-2019-8323 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-8323 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-8323 An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| GHSA-4wm8-fjv7-j774 RubyGems Escape sequence injection in errors | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| GHSA-3h4r-pjv6-cph9 RubyGems Escape sequence injection vulnerability in api response handling | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
 | BDU:2020-00755 Уязвимость модуля Gem::CommandManage системы управления пакетами RubyGems, связанная с недостаточным экранированием, позволяющая нарушителю нарушить целостность данных | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| BDU:2020-00754 Уязвимость модуля Gem::GemcutterUtilities системы управления пакетами RubyGems, связанная с выводом содержимого ответа API в стандартный поток вывода, позволяющая нарушителю нарушить целостность данных | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу