Ruby Vulnerabilities

[Chart: Timeline, last year]

Version

2.0: 28
2.3.0: 27
2.3.1: 27
2.3.2: 27
2.4.0: 26

Countermeasures

Official Fix: 202
Temporary Fix: 0
Workaround: 0
Unavailable: 1
Not Defined: 44

Exploitability

High: 13
Functional: 0
Proof-of-Concept: 58
Unproven: 11
Not Defined: 165

Access Vector

Not Defined: 0
Physical: 0
Local: 11
Adjacent: 11
Network: 225

Authentication

Not Defined: 0
High: 0
Low: 24
None: 223

User Interaction

Not Defined: 0
Required: 48
None: 199

[Chart: C3BM Index, last year]

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
| ≤4 | 8 | 9 | 14 | 3 | 1 | 0 | 0 |
| ≤5 | 25 | 39 | 28 | 1 | 0 | 0 | 0 |
| ≤6 | 60 | 67 | 79 | 13 | 3 | 0 | 0 |
| ≤7 | 60 | 70 | 36 | 14 | 2 | 0 | 0 |
| ≤8 | 62 | 33 | 73 | 31 | 2 | 0 | 0 |
| ≤9 | 20 | 22 | 5 | 11 | 3 | 0 | 0 |
| ≤10 | 12 | 7 | 11 | 27 | 0 | 0 | 0 |

Exploit 0-day

<1k: 41
<2k: 113
<5k: 87
<10k: 1
<25k: 2
<50k: 3
<100k: 0
≥100k: 0

Exploit Today

<1k: 244
<2k: 2
<5k: 1
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

[Chart: Exploit Market Volume, last year]

[Chart: CTI Activity]

Affected Versions (359): 0.0.1, 0.1, 0.1.7, 0.2, 0.2.1, 0.3, 0.4, 0.5, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.6.5, 0.7, 0.8, 0.9, 0.10, 0.10.1, 0.11, 0.12, 0.12.1, 1, 1.0, 1.0.1, 1.0.2, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.6, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 1.6.8, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 1.8, 1.8.1, 1.8.2, 1.8.2 Pre1, 1.8.2 Pre2, 1.8.3, 1.8.4, 1.8.5, 1.8.5-p23, 1.8.6, 1.8.6-26, 1.8.6-42, 1.8.6-p229, 1.8.6.23, 1.8.7, 1.8.7-16, 1.8.7-33, 1.8.7-173, 1.8.7-248, 1.8.7-249, 1.8.7-299, 1.8.7-302, 1.8.7-334, 1.8.7-p21, 1.8.7-p33, 1.8.7-p299, 1.8.7-p302, 1.8.7-p334, 1.8.7-p352, 1.8.8, 1.9, 1.9.0-, 1.9.0-1, 1.9.0-2, 1.9.0-20060415, 1.9.0-20070709, 1.9.1, 1.9.2, 1.9.2-p18, 1.9.2-p136, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.11, 1.9.12, 1.9.13, 1.9.14, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 1.9.19, 1.9.21, 1.9.22, 1.9.23, 1.10, 1.11, 1.12, 2, 2.0, 2.0.0 Patchlevel 644, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.3.15, 2.4, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.6, 2.6.0-preview2, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.7, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.7.5, 2.7.6, 2.7.7, 2.8, 2.8.1, 2.9, 2.9.1, 2.10.1, 2.10.2, 2.10.3, 2.11, 2.11.1, 2.11.2, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.19, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.11, 3.2.12, 3.2.13, 
3.2.14, 3.2.15, 3.2.16, 3.2.17, 3.2.18, 3.2.22, 3.2.22.1, 3.2.22.2, 3.3, 3.4, 3.4.1, 3.4.2, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.14, 4.1.14.1, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 5, 5.0, 5.0.7, 5.0.7.1, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.6, 5.1.6.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 6, 6.0.0.beta2, 6.0.1, 6.0.2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.1.7, 6.1.7.1, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 7, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.1, 7.1.1, 7.1.2, 7.1.3

Software Type: Programming Language Software

| Published | Base | Temp | Vulnerability | 0day | Today | Exploitability | Countermeasure | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 24/04/2024 | 3.5 | 3.4 | Ruby Regex Search buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-27282 |
| 27/02/2024 | 5.2 | 5.1 | Ruby on Rails cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-26143 |
| 27/02/2024 | 5.3 | 5.2 | Ruby on Rails Active Storage information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2024-26144 |
| 27/02/2024 | 6.4 | 6.3 | Ruby on Rails Accept Header denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-26142 |
| 24/10/2023 | 4.0 | 4.0 | ruby-rmagick denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-5349 |
| 29/06/2023 | 4.4 | 4.3 | Ruby Incomplete Fix CVE-2023-28755 rfc2396_parser.rb denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-36617 |
| 28/05/2023 | 6.6 | 6.6 | ruby-saml Gem xml_security.rb privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2015-20108 |
| 02/05/2023 | 6.4 | 6.2 | Ruby Help Desk Plugin Ticket privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-1125 |
| 21/04/2023 | 6.5 | 6.3 | oauth-ruby gem X.509 Certificate consumer.rb weak authentication | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | CVE-2016-11086 |
| 21/04/2023 | 6.4 | 6.1 | MongoDB bson-ruby ObjecId.legal denial of service | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2015-4411 |
| 31/03/2023 | 5.5 | 5.4 | Ruby Time denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-28756 |
| 31/03/2023 | 5.5 | 5.4 | Ruby URI denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-28755 |
| 17/01/2023 | 6.7 | 6.6 | ruby-git Filename Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-47318 |
| 02/12/2022 | 4.3 | 4.3 | ruby-mysql Gem privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-3270 |
| 23/11/2022 | 7.5 | 7.2 | Ruby cgi.rb Privilege Escalation | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2021-33621 |
| 26/10/2022 | 3.8 | 3.8 | Ruby on Rails _table.html.erb cross site scripting [Disputed] | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2022-3704 |
| 29/09/2022 | 7.3 | 7.1 | Ruby Tags Array Length Emitter buffer overflow | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2016-2338 |
| 01/07/2022 | 7.5 | 7.4 | opensearch-ruby YAML YAML.load privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2022-31115 |
| 28/06/2022 | 4.8 | 4.7 | ruby-mysql privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-3779 |
| 10/05/2022 | 7.3 | 7.0 | Ruby Regexp Compiler buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-28738 |
| 10/05/2022 | 5.5 | 5.3 | Ruby String-to-Float Conversion String#to_f buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-28739 |
| 05/04/2022 | 4.8 | 4.7 | yajl-ruby yajl_buf.c buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-24795 |
| 07/02/2022 | 5.6 | 5.4 | Ruby CGI.escape_html buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-41816 |
| 01/01/2022 | 5.5 | 5.5 | Ruby Cookie Name Cookie.parse Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-41819 |
| 19/10/2021 | 4.8 | 4.7 | Ruby on Rails auto_link cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2011-1497 |

222 more entries are not shown
