Количество 46
Количество 46
CVE-2021-41819
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVE-2021-41819
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVE-2021-41819
CVE-2021-41819
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ...
ROS-20220516-06
Множественные уязвимости Ruby
SUSE-SU-2023:4176-1
Security update for ruby2.5
SUSE-SU-2022:3292-1
Security update for ruby2.5
GHSA-4vf4-qmvg-mh7h
Cookie Prefix Spoofing in CGI::Cookie.parse
BDU:2022-05837
Уязвимость функции CGI::Cookie.parse языка программирования Ruby, позволяющая нарушителю оказать воздействие на целостность данных
CVE-2022-28738
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
CVE-2022-28738
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
CVE-2022-28738
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
CVE-2022-28738
A double free was found in the Regexp compiler in Ruby 3.x before 3.0. ...
CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
CVE-2022-28739
CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ...
GHSA-8pqg-8p79-j5j8
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
BDU:2022-03068
Уязвимость реализации класса Regexp интерпретатора языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-41819 CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-41819 CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад | |
| CVE-2021-41819 CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ... | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | ROS-20220516-06 Множественные уязвимости Ruby | около 3 лет назад | ||
 | SUSE-SU-2023:4176-1 Security update for ruby2.5 | больше 1 года назад | ||
| SUSE-SU-2022:3292-1 Security update for ruby2.5 | 1% Низкий | почти 3 года назад | |
| GHSA-4vf4-qmvg-mh7h Cookie Prefix Spoofing in CGI::Cookie.parse | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | BDU:2022-05837 Уязвимость функции CGI::Cookie.parse языка программирования Ruby, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
| CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | CVSS3: 7.7 | 0% Низкий | около 3 лет назад |
| CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
| CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0. ... | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | CVSS3: 6.2 | 0% Низкий | около 3 лет назад |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| CVSS3: 7.5 | 0% Низкий | около 3 лет назад | |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ... | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| GHSA-8pqg-8p79-j5j8 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
| BDU:2022-03068 Уязвимость реализации класса Regexp интерпретатора языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.2 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу