Ruby Vulnerabilities

Timeline

Last year

Version

2.0: 28
2.3.0: 27
2.3.1: 27
2.4.0: 26
2.4.1: 26

Countermeasures

Official Fix: 202
Temporary Fix: 0
Workaround: 0
Unavailable: 1
Not Defined: 44

Exploitability

High: 12
Functional: 0
Proof-of-Concept: 58
Unproven: 11
Not Defined: 166

Access Vector

Not Defined: 0
Physical: 0
Local: 11
Adjacent: 11
Network: 225

Authentication

Not Defined: 0
High: 0
Low: 24
None: 223

User Interaction

Not Defined: 0
Required: 48
None: 199

C3BM Index

Last year

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 0
≤4: 8
≤5: 25
≤6: 61
≤7: 61
≤8: 60
≤9: 20
≤10: 12

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 0
≤4: 9
≤5: 38
≤6: 68
≤7: 72
≤8: 31
≤9: 22
≤10: 7

VulDB

≤1: 0
≤2: 0
≤3: 1
≤4: 14
≤5: 28
≤6: 79
≤7: 36
≤8: 73
≤9: 5
≤10: 11

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 3
≤5: 1
≤6: 13
≤7: 14
≤8: 30
≤9: 11
≤10: 27

CNA

≤1: 0
≤2: 0
≤3: 0
≤4: 1
≤5: 0
≤6: 3
≤7: 0
≤8: 3
≤9: 1
≤10: 0

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 42
<2k: 104
<5k: 95
<10k: 1
<25k: 2
<50k: 3
<100k: 0
≥100k: 0

Exploit Today

<1k: 244
<2k: 3
<5k: 0
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

Last year

🔴 CTI Activities

Affected Versions (354): 0.0.1, 0.1, 0.1.7, 0.2, 0.2.1, 0.3, 0.4, 0.5, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.7, 0.8, 0.9, 0.10, 0.10.1, 0.11, 0.12, 0.12.1, 1, 1.0, 1.0.1, 1.0.2, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.6, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 1.6.8, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.8, 1.8.1, 1.8.2, 1.8.2 Pre1, 1.8.2 Pre2, 1.8.3, 1.8.4, 1.8.5, 1.8.5-p23, 1.8.6, 1.8.6-26, 1.8.6-42, 1.8.6-p229, 1.8.6.23, 1.8.7, 1.8.7-16, 1.8.7-33, 1.8.7-173, 1.8.7-248, 1.8.7-249, 1.8.7-299, 1.8.7-302, 1.8.7-334, 1.8.7-p21, 1.8.7-p33, 1.8.7-p299, 1.8.7-p302, 1.8.7-p334, 1.8.7-p352, 1.8.8, 1.9, 1.9.0-, 1.9.0-1, 1.9.0-2, 1.9.0-20060415, 1.9.0-20070709, 1.9.1, 1.9.2, 1.9.2-p18, 1.9.2-p136, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.11, 1.9.12, 1.9.13, 1.9.14, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 1.9.19, 1.9.21, 1.9.22, 1.9.23, 1.10, 1.11, 1.12, 2, 2.0, 2.0.0 Patchlevel 644, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.4, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.6, 2.6.0-preview2, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.7, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.7.5, 2.7.6, 2.7.7, 2.8, 2.8.1, 2.9, 2.9.1, 2.10.1, 2.10.2, 2.10.3, 2.11, 2.11.1, 2.11.2, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.19, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.11, 3.2.12, 3.2.13, 3.2.14, 3.2.15, 3.2.16, 3.2.17, 
3.2.18, 3.2.22, 3.2.22.1, 3.2.22.2, 3.3, 3.4, 3.4.1, 3.4.2, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.14, 4.1.14.1, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 5, 5.0, 5.0.7, 5.0.7.1, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.6, 5.1.6.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 6, 6.0.0.beta2, 6.0.1, 6.0.2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.1.7, 6.1.7.1, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 7, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.1, 7.1.1, 7.1.2, 7.1.3

Software type: Programming Language Software

Published | Base | Temp | Vulnerability | 0day | Today | Exp | Con | CTI | CVE
2024-04-24 | 3.5 | 3.4 | Ruby Regex Search buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.67- | CVE-2024-27282
2024-02-27 | 5.7 | 5.6 | Ruby on Rails cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2024-26143
2024-02-27 | 5.3 | 5.2 | Ruby on Rails Active Storage information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-26144
2024-02-27 | 6.4 | 6.3 | Ruby on Rails Accept Header denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2024-26142
2023-10-24 | 4.0 | 4.0 | ruby-rmagick denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | CVE-2023-5349
2023-06-29 | 4.4 | 4.3 | Ruby Incomplete Fix CVE-2023-28755 rfc2396_parser.rb denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-36617
2023-05-28 | 6.6 | 6.6 | ruby-saml Gem xml_security.rb privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2015-20108
2023-05-02 | 6.4 | 6.2 | Ruby Help Desk Plugin Ticket privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-1125
2023-04-21 | 6.5 | 6.3 | oauth-ruby gem X.509 Certificate consumer.rb weak authentication | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | CVE-2016-11086
2023-04-21 | 6.4 | 6.1 | MongoDB bson-ruby ObjecId.legal denial of service | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | CVE-2015-4411
2023-03-31 | 5.5 | 5.4 | Ruby Time denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-28756
2023-03-31 | 5.5 | 5.4 | Ruby URI denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-28755
2023-01-17 | 6.7 | 6.6 | ruby-git Filename Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2022-47318
2022-12-02 | 4.3 | 4.3 | ruby-mysql Gem privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-3270
2022-11-23 | 7.5 | 7.2 | Ruby cgi.rb Privilege Escalation | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2021-33621
2022-10-26 | 3.8 | 3.8 | Ruby on Rails _table.html.erb cross site scripting [Disputed] | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-3704
2022-09-29 | 7.3 | 7.1 | Ruby Tags Array Length Emitter buffer overflow | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2016-2338
2022-07-01 | 7.5 | 7.4 | opensearch-ruby YAML YAML.load privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2022-31115
2022-06-28 | 4.8 | 4.7 | ruby-mysql privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-3779
2022-05-10 | 7.3 | 7.0 | Ruby Regexp Compiler buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2022-28738
2022-05-10 | 5.5 | 5.3 | Ruby String-to-Float Conversion String#to_f buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2022-28739
2022-04-05 | 4.8 | 4.7 | yajl-ruby yajl_buf.c buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-24795
2022-02-07 | 5.6 | 5.4 | Ruby CGI.escape_html buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2021-41816
2022-01-01 | 5.5 | 5.5 | Ruby Cookie Name Cookie.parse Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-41819
2021-10-19 | 4.8 | 4.7 | Ruby on Rails auto_link cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2011-1497

222 more entries are not shown
