Количество 10
Количество 10
CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6.
CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6.
CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6.
CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
GHSA-87qx-g5wg-mwmj
RubyGems Cross-site Scripting vulnerability
BDU:2018-01597
Уязвимость системы управления пакетами RubyGems, связанная с возможностью осуществления межсайтового скриптинга, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2019-2028
ELSA-2019-2028: ruby security update (MODERATE)
openSUSE-SU-2019:1771-1
Security update for ruby-bundled-gems-rpmhelper, ruby2.5
SUSE-SU-2019:1804-1
Security update for ruby-bundled-gems-rpmhelper, ruby2.5
SUSE-SU-2020:1570-1
Security update for ruby2.1
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000078 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6. | CVSS3: 6.1 | 1% Низкий | почти 8 лет назад |
 | CVE-2018-1000078 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6. | CVSS3: 6.1 | 1% Низкий | почти 8 лет назад |
 | CVE-2018-1000078 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6. | CVSS3: 6.1 | 1% Низкий | почти 8 лет назад |
| CVE-2018-1000078 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... | CVSS3: 6.1 | 1% Низкий | почти 8 лет назад |
| GHSA-87qx-g5wg-mwmj RubyGems Cross-site Scripting vulnerability | CVSS3: 6.1 | 1% Низкий | больше 3 лет назад |
 | BDU:2018-01597 Уязвимость системы управления пакетами RubyGems, связанная с возможностью осуществления межсайтового скриптинга, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.1 | 1% Низкий | почти 8 лет назад |
| ELSA-2019-2028 ELSA-2019-2028: ruby security update (MODERATE) | больше 6 лет назад | ||
 | openSUSE-SU-2019:1771-1 Security update for ruby-bundled-gems-rpmhelper, ruby2.5 | больше 6 лет назад | ||
| SUSE-SU-2019:1804-1 Security update for ruby-bundled-gems-rpmhelper, ruby2.5 | больше 6 лет назад | ||
| SUSE-SU-2020:1570-1 Security update for ruby2.1 | больше 5 лет назад |
Уязвимостей на страницу