pkg:RubyGems/rubygems-update

共 25 筆 CVECRITICAL3HIGH12MEDIUM3

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2018-1000076RubyGems Improper Verification of Cryptographic Signature vulnerability
    >= 2.2.0, < 2.7.6
  • CRITICAL9.8CVE-2017-0903RubyGems vulnerable to Deserialization of Untrusted Data
    >= 2.0.0, < 2.6.14
  • CRITICAL9.8CVE-2017-0899RubyGems Code Injection vulnerability
    from 0, < 2.6.13
  • HIGH8.8CVE-2019-8324Code injection in RubyGems
    >= 2.6.0, < 2.7.9
  • HIGH8.1CVE-2017-0902RubyGems has Origin Validation Error vulnerability
    from 0, < 2.6.13
  • HIGH7.8CVE-2018-1000074jruby - security update
    from 0, < 2.7.6
  • HIGH7.5CVE-2017-0900rubygems - security update
    from 0, < 2.6.13
  • HIGH7.5CVE-2018-1000075jruby - security update
    from 0, < 2.7.6
  • HIGH7.5CVE-2017-0901RubyGems may allow a maliciously crafted gem to overwrite files
    from 0, < 2.6.13
  • HIGH7.5CVE-2018-1000073jruby - security update
    from 0, < 2.7.6
  • HIGH7.5CVE-2019-8325RubyGems Escape sequence injection in errors
    >= 2.6.0, < 2.7.9
  • HIGH7.5CVE-2019-8321RubyGems Escape sequence injection vulnerability in verbose
    >= 2.6.0, < 2.7.9
  • HIGH7.5CVE-2019-8322RubyGems Escape sequence injection vulnerability in gem owner
    >= 2.6.0, < 2.7.9
  • HIGH7.5CVE-2019-8323RubyGems Escape sequence injection vulnerability in api response handling
    >= 2.6.0, < 2.7.9
  • HIGH7.4CVE-2019-8320ruby2.3 - security update
    >= 2.7.6, < 2.7.9
  • MEDIUM6.1CVE-2018-1000078RubyGems Cross-site Scripting vulnerability
    from 0, < 2.7.6
  • MEDIUM5.5CVE-2018-1000079RubyGems Path Traversal vulnerability
    from 0, < 2.7.6
  • MEDIUM5.3CVE-2018-1000077RubyGems Improper Input Validation vulnerability
    from 0, < 2.7.6
  • CVE-2012-2125RubyGems HTTPS to HTTP redirect
    from 0, < 1.8.23
  • CVE-2012-2126RubyGems does not verify SSL certificate
    from 0, < 1.8.23
  • CVE-2015-4020RubyGems Improper Input Validation vulnerability
    from 0, < 2.0.17
  • CVE-2013-4363RubyGems Regular Expression Denial of Service
    from 0, < 1.8.23.2
  • CVE-2015-3900RubyGems vulnerable to DNS hijack attack
    >= 2.0.0, < 2.0.16
  • CVE-2013-4287RubyGems Regular Expression Denial of Service vulnerability
    from 0, < 1.8.23.1
  • CVE-2007-0469RubyGems file overwrite vulnerability
    from 0, < 0.9.1