| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | CVSS3: 7.5 | 1% Low | more than 3 years ago |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10 2.7.x before 2.7.6 3.x before 3.0.4 and 3.1.x before 3.1.2. It occurs in String-to-Float conversion including Kernel#Float and String#to_f. | CVSS3: 7.5 | 1% Low | more than 3 years ago |
| CVE-2022-28739 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ... | CVSS3: 7.5 | 1% Low | more than 3 years ago |
| RLSA-2022:5338 Moderate: ruby:2.6 security, bug fix, and enhancement update | | 1% Low | more than 3 years ago |
| GHSA-mvgc-rxvg-hqc6 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | CVSS3: 7.5 | 1% Low | more than 3 years ago |
| ELSA-2023-12064 ELSA-2023-12064: ruby:2.5 security update (IMPORTANT) | | | almost 3 years ago |
| ELSA-2022-5338 ELSA-2022-5338: ruby:2.6 security, bug fix, and enhancement update (MODERATE) | | | more than 3 years ago |
| BDU:2022-03067 Vulnerability in the string-to-floating-point conversion methods Kernel#Float and String#to_f of the Ruby programming language interpreter, allowing an attacker to cause a denial of service | CVSS3: 7.5 | 1% Low | more than 3 years ago |
| RLSA-2022:6585 Moderate: ruby security, bug fix, and enhancement update | | | more than 3 years ago |
| ELSA-2022-6585 ELSA-2022-6585: ruby security, bug fix, and enhancement update (MODERATE) | | | more than 3 years ago |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 1% Low | about 3 years ago |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 1% Low | about 3 years ago |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | CVSS3: 8.8 | 1% Low | about 3 years ago |
| CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 ... | CVSS3: 8.8 | 1% Low | about 3 years ago |
| RLSA-2022:6447 Moderate: ruby:2.7 security, bug fix, and enhancement update | | | more than 3 years ago |
| ELSA-2022-6447 ELSA-2022-6447: ruby:2.7 security, bug fix, and enhancement update (MODERATE) | | | more than 3 years ago |
| CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. | CVSS3: 5.3 | 1% Low | almost 3 years ago |
| CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. | CVSS3: 5.3 | 1% Low | almost 3 years ago |
| CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. | CVSS3: 5.3 | 1% Low | almost 3 years ago |
| CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ru ... | CVSS3: 5.3 | 1% Low | almost 3 years ago |