Search CVE reports
91 – 100 of 104 results
CVE-2008-3443
Medium prioritySome fixes available 5 of 9
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash)...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-3657
Medium prioritySome fixes available 8 of 12
The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-3656
Medium prioritySome fixes available 8 of 12
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-3655
Low prioritySome fixes available 8 of 12
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2376
Low prioritySome fixes available 8 of 12
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2726
Medium prioritySome fixes available 8 of 12
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2725
Medium prioritySome fixes available 8 of 12
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2664
Medium prioritySome fixes available 8 of 12
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2663
Medium prioritySome fixes available 8 of 12
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |
CVE-2008-2662
Medium prioritySome fixes available 8 of 12
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers...
2 affected packages
ruby1.8, ruby1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby1.8 | — | — | — | — | — |
ruby1.9 | — | — | — | — | — |