Количество 37
Количество 37
BDU:2023-02020
Уязвимость библиотеки Time интерпретатора Ruby, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2023-36617
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.
CVE-2023-36617
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.
CVE-2023-36617
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.
CVE-2023-36617
CVE-2023-36617
A ReDoS issue was discovered in the URI component before 0.12.2 for Ru ...
CVE-2021-33621
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
CVE-2021-33621
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
CVE-2021-33621
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
CVE-2021-33621
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 ...
GHSA-hww2-5g85-429m
URI gem has ReDoS vulnerability
BDU:2024-00198
Уязвимость компонентов rfc2396_parser.rb и rfc3986_parser.rb языка программирования Ruby, позволяющее нарушителю вызвать отказ в обслуживании
GHSA-vc47-6rqg-c7f5
HTTP response splitting in CGI
BDU:2023-03834
Уязвимость компонента CGI языка программирования Ruby, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
ROS-20240827-04
Уязвимость ruby
ELSA-2024-4499
ELSA-2024-4499: ruby security update (MODERATE)
ROS-20230929-01
Множественные уязвимости Puppet
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-02020 Уязвимость библиотеки Time интерпретатора Ruby, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 1% Низкий | около 2 лет назад |
 | CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version. | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
 | CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version. | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
 | CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version. | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
 | CVSS3: 5.3 | 1% Низкий | почти 2 года назад | |
| CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ru ... | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 ... | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
| GHSA-hww2-5g85-429m URI gem has ReDoS vulnerability | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
| BDU:2024-00198 Уязвимость компонентов rfc2396_parser.rb и rfc3986_parser.rb языка программирования Ruby, позволяющее нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 1% Низкий | почти 2 года назад |
| GHSA-vc47-6rqg-c7f5 HTTP response splitting in CGI | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
| BDU:2023-03834 Уязвимость компонента CGI языка программирования Ruby, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 8.8 | 2% Низкий | больше 2 лет назад |
 | ROS-20240827-04 Уязвимость ruby | CVSS3: 8.8 | 2% Низкий | 10 месяцев назад |
| ELSA-2024-4499 ELSA-2024-4499: ruby security update (MODERATE) | 11 месяцев назад | ||
| ROS-20230929-01 Множественные уязвимости Puppet | CVSS3: 7.5 | больше 1 года назад |
Уязвимостей на страницу