Ruby Exposure
Category: Programming languages
Exposure score: 17
Sites using it: 103,485
Under exploitation: 0
Critical: 0
CVEs
8 results

CVE-2017-0898 (EPSS 9.7%): Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus val…

CVE-2016-2337 (EPSS 6.2%): Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argumen…

CVE-2016-2339 (EPSS 5.1%): An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Functi…

CVE-2016-2336 (EPSS 3.3%): Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object…

CVE-2015-1855 (EPSS 2.8%): verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does no…

CVE-2011-3624 (EPSS 1.5%): Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forw…

CVE-2025-0306 (HIGH, EPSS 0.6%): Ruby: openssl: ruby marvin attack

CVE-2026-46727 (HIGH, EPSS 0.5%): An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handle…