Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Ruby Library

RubyGems

RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries a tool designed to easily manage the installation of gems and a server for distributing them.

Official Site:

https://rubygems.org/

Severity Summary:

Critical: 3 High: 13 Medium: 9
Reference
Title
Severity
CVE-2018-1000076
RubyGems Improper Verification of Cryptographic Signature Vulnerability
Critical
CVE-2017-0899
RubyGems Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2017-0903
RubyGems Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-8323
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2017-0900
RubyGems Improper Input Validation Vulnerability
High
CVE-2017-0901
RubyGems Improper Input Validation Vulnerability
High
CVE-2017-0902
RubyGems Origin Validation Error Vulnerability
High
CVE-2019-8322
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2018-1000074
RubyGems Deserialization of Untrusted Data Vulnerability
High
CVE-2018-1000073
RubyGems Improper Link Resolution Before File Access (Link Following) Vulnerability
High
CVE-2018-1000075
RubyGems Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability
High
CVE-2019-8320
RubyGems Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2019-8324
RubyGems Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-8325
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2019-8321
RubyGems Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability
High
CVE-2022-36073
RubyGems Improper Authentication Vulnerability
High
CVE-2018-1000077
RubyGems Improper Input Validation Vulnerability
Medium
CVE-2018-1000078
RubyGems Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1000079
RubyGems Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2015-4020
RubyGems Improper Input Validation Vulnerability
Medium
CVE-2015-3900
RubyGems 7PK - Security Features Vulnerability
Medium
CVE-2013-4363
RubyGems Cryptographic Issues Vulnerability
Medium
CVE-2013-4287
RubyGems Cryptographic Issues Vulnerability
Medium
CVE-2012-2126
RubyGems Cryptographic Issues Vulnerability
Medium
CVE-2012-2125
RubyGems Other Vulnerability
Medium