ruby-lang.org

CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir


5 months ago by ruby-lang.org on ruby-lang.org.
There is an unintentional directory creation vulnerability in tmpdir library bundled with Ruby. And there is also an unintentional file creation vulnerability...

CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket


5 months ago by ruby-lang.org on ruby-lang.org.
There is a unintentional socket creation vulnerability in UNIXServer.open method of socket library bundled with Ruby. And there is also a unintentional...

CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir


5 months ago by ruby-lang.org on ruby-lang.org.
There is an unintentional directory traversal in some methods in Dir. This vulnerability has been assigned the CVE identifier CVE-2018-8780. Details Dir...

CVE-2018-8777: DoS by large request in WEBrick


5 months ago by ruby-lang.org on ruby-lang.org.
There is a out-of-memory DoS vulnerability with a large request in WEBrick bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2018-8777...

CVE-2017-17742: HTTP response splitting in WEBrick


5 months ago by ruby-lang.org on ruby-lang.org.
There is an HTTP response splitting vulnerability in WEBrick bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-17742.Details...

CVE-2018-8778: Buffer under-read in String#unpack


5 months ago by ruby-lang.org on ruby-lang.org.
There is a buffer under-read vulnerability in String#unpack method. This vulnerability has been assigned the CVE identifier CVE-2018-8778. Details String...