Ruby 漏洞

时间轴

去年

版本

2.0	28
2.3.0	27
2.3.1	27
2.4.0	26
2.4.1	26

修正

Official Fix	201
Temporary Fix	0
Workaround	0
Unavailable	1
Not Defined	44

易受攻击性

High	11
Functional	0
Proof-of-Concept	58
Unproven	11
Not Defined	166

访问向量

Not Defined	0
Physical	0
Local	11
Adjacent	10
Network	225

身份验证

Not Defined	0
High	0
Low	23
None	223

用户交互

Not Defined	0
Required	48
None	198

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	7
≤5	25
≤6	61
≤7	61
≤8	60
≤9	20
≤10	12

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	8
≤5	38
≤6	68
≤7	73
≤8	30
≤9	22
≤10	7

VulDB

≤1	0
≤2	0
≤3	1
≤4	13
≤5	28
≤6	79
≤7	36
≤8	73
≤9	5
≤10	11

NVD

≤1	0
≤2	0
≤3	0
≤4	3
≤5	1
≤6	13
≤7	14
≤8	30
≤9	11
≤10	27

CNA

≤1	0
≤2	0
≤3	0
≤4	1
≤5	0
≤6	3
≤7	0
≤8	3
≤9	1
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	41
<2k	104
<5k	95
<10k	1
<25k	2
<50k	3
<100k	0
≥100k	0

本日攻击

<1k	243
<2k	3
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (353): 0.0.1, 0.1, 0.1.7, 0.2, 0.2.1, 0.3, 0.4, 0.5, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.7, 0.8, 0.9, 0.10, 0.10.1, 0.11, 0.12, 0.12.1, 1, 1.0, 1.0.1, 1.0.2, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.6, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 1.6.8, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.8, 1.8.1, 1.8.2, 1.8.2 Pre1, 1.8.2 Pre2, 1.8.3, 1.8.4, 1.8.5, 1.8.5-p23, 1.8.6, 1.8.6-26, 1.8.6-42, 1.8.6-p229, 1.8.6.23, 1.8.7, 1.8.7-16, 1.8.7-33, 1.8.7-173, 1.8.7-248, 1.8.7-249, 1.8.7-299, 1.8.7-302, 1.8.7-334, 1.8.7-p21, 1.8.7-p33, 1.8.7-p299, 1.8.7-p302, 1.8.7-p334, 1.8.7-p352, 1.8.8, 1.9, 1.9.0-, 1.9.0-1, 1.9.0-2, 1.9.0-20060415, 1.9.0-20070709, 1.9.1, 1.9.2, 1.9.2-p18, 1.9.2-p136, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.11, 1.9.12, 1.9.13, 1.9.14, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 1.9.19, 1.9.21, 1.9.22, 1.9.23, 1.10, 1.11, 1.12, 2, 2.0, 2.0.0 Patchlevel 644, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.4, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.6, 2.6.0-preview2, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.7, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.7.5, 2.7.6, 2.7.7, 2.8, 2.8.1, 2.9, 2.9.1, 2.10.1, 2.10.2, 2.10.3, 2.11, 2.11.1, 2.11.2, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.19, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.11, 3.2.12, 3.2.13, 3.2.14, 3.2.15, 3.2.16, 3.2.17, 3.2.18, 3.2.22, 3.2.22.1, 3.2.22.2, 3.4, 3.4.1, 3.4.2, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.14, 4.1.14.1, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 5, 5.0, 5.0.7, 5.0.7.1, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.6, 5.1.6.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 6, 6.0.0.beta2, 6.0.1, 6.0.2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.1.7, 6.1.7.1, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 7, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.1, 7.1.1, 7.1.2, 7.1.3

软件类型: Programming Language Software

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2024-02-27	5.7	5.6	Ruby on Rails 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2024-26143
2024-02-27	5.3	5.2	Ruby on Rails Active Storage 信息公开	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2024-26144
2024-02-27	6.4	6.3	Ruby on Rails Accept Header 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2024-26142
2023-10-24	4.0	4.0	ruby-rmagick 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01	CVE-2023-5349
2023-06-29	4.4	4.3	Ruby Incomplete Fix CVE-2023-28755 rfc2396_parser.rb 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-36617
2023-05-28	6.6	6.6	ruby-saml Gem xml_security.rb 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2015-20108
2023-05-02	6.4	6.2	Ruby Help Desk Plugin Ticket 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-1125
2023-04-21	6.5	6.3	oauth-ruby gem X.509 Certificate consumer.rb 弱身份验证	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.04	CVE-2016-11086
2023-04-21	6.4	6.1	MongoDB bson-ruby ObjecId.legal 拒绝服务	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02	CVE-2015-4411
2023-03-31	5.5	5.4	Ruby Time 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-28756
2023-03-31	5.5	5.4	Ruby URI 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-28755
2023-01-17	6.7	6.6	ruby-git Filename Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-47318
2022-12-02	4.3	4.3	ruby-mysql Gem 权限升级	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-3270
2022-11-23	7.5	7.2	Ruby cgi.rb Privilege Escalation	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.03	CVE-2021-33621
2022-10-26	3.8	3.8	Ruby on Rails _table.html.erb 跨网站脚本 [有争议]	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2022-3704
2022-09-29	7.3	7.1	Ruby Tags Array Length Emitter 内存损坏	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2016-2338
2022-07-01	7.5	7.4	opensearch-ruby YAML YAML.load 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-31115
2022-06-28	4.8	4.7	ruby-mysql 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-3779
2022-05-10	7.3	7.0	Ruby Regexp Compiler 内存损坏	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-28738
2022-05-10	5.5	5.3	Ruby String-to-Float Conversion String#to_f 内存损坏	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-28739
2022-04-05	4.8	4.7	yajl-ruby yajl_buf.c 内存损坏	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-24795
2022-02-07	5.6	5.4	Ruby CGI.escape_html 内存损坏	$0-$5k	$0-$5k	Not Defined	Official Fix	0.06	CVE-2021-41816
2022-01-01	5.5	5.5	Ruby Cookie Name Cookie.parse Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-41819
2021-10-19	4.8	4.7	Ruby on Rails auto_link 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2011-1497
2021-08-02	5.3	5.1	Ruby StartTLS IMAP 弱身份验证	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2021-32066

221 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 221 results.

◂ 上一步一览下一步 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!