pkg:Debian/rubygems

30 total CVEsCRITICAL3HIGH17MEDIUM5LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2018-1000076RubyGems Improper Verification of Cryptographic Signature vulnerability
    from 0, < 3.2.0~rc.1-1
  • CRITICAL9.8CVE-2017-0903RubyGems vulnerable to Deserialization of Untrusted Data
    from 0, < 3.2.0~rc.1-1
  • CRITICAL9.8CVE-2017-0899RubyGems Code Injection vulnerability
    from 0, < 3.2.0~rc.1-1
  • HIGH8.8CVE-2020-36327Dependency Confusion in Bundler
    from 0
  • HIGH8.8CVE-2019-8324Code injection in RubyGems
    from 0, < 3.2.0~rc.1-1
  • HIGH8.1CVE-2017-0902RubyGems has Origin Validation Error vulnerability
    from 0, < 3.2.0~rc.1-1
  • HIGH7.8CVE-2018-1000074jruby - security update
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2025-61594URI Credential Leakage Bypass over CVE-2025-27221
    from 0
  • HIGH7.5CVE-2023-28755Ruby URI component ReDoS issue
    from 0, < 3.2.5-2+deb11u1
  • HIGH7.5CVE-2017-0900rubygems - security update
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2017-0900rubygems - security update
    from 0, < 1.8.24-1+deb7u1
  • HIGH7.5CVE-2018-1000075jruby - security update
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2018-1000075jruby - security update
    from 0, < 1.8.24-1+deb7u2
  • HIGH7.5CVE-2017-0901RubyGems may allow a maliciously crafted gem to overwrite files
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2018-1000073jruby - security update
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2019-8325RubyGems Escape sequence injection in errors
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2019-8321RubyGems Escape sequence injection vulnerability in verbose
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2019-8322RubyGems Escape sequence injection vulnerability in gem owner
    from 0, < 3.2.0~rc.1-1
  • HIGH7.5CVE-2019-8323RubyGems Escape sequence injection vulnerability in api response handling
    from 0, < 3.2.0~rc.1-1
  • HIGH7.4CVE-2019-8320ruby2.3 - security update
    from 0, < 3.2.0~rc.1-1
  • MEDIUM6.7CVE-2021-43809Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile.
    from 0, < 3.2.5-2+deb11u1
  • MEDIUM6.7CVE-2021-43809Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile.
    from 0, < 3.2.5-2+deb11u1
  • MEDIUM6.1CVE-2018-1000078RubyGems Cross-site Scripting vulnerability
    from 0, < 3.2.0~rc.1-1
  • MEDIUM5.5CVE-2018-1000079RubyGems Path Traversal vulnerability
    from 0, < 3.2.0~rc.1-1
  • MEDIUM5.3CVE-2018-1000077RubyGems Improper Input Validation vulnerability
    from 0, < 3.2.0~rc.1-1
  • LOW3.2CVE-2025-27221URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
    from 0, < 3.2.5-2+deb11u1
  • CVE-2012-2125RubyGems HTTPS to HTTP redirect
    from 0, < 1.8.24-1
  • CVE-2012-2126RubyGems does not verify SSL certificate
    from 0, < 1.8.24-1
  • CVE-2013-4363RubyGems Regular Expression Denial of Service
    from 0, < 3.2.0~rc.1-1
  • CVE-2013-4287RubyGems Regular Expression Denial of Service vulnerability
    from 0, < 3.2.0~rc.1-1