rubygem-rake vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rubygem-rake package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Resource Exhaustion

*
  • M
Buffer Over-read

*
  • M
Out-of-bounds Read

*
  • M
Arbitrary Code Injection

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
HTTP Response Splitting

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Read

*
  • M
Reliance on Cookies without Validation and Integrity Checking

*
  • M
Resource Exhaustion

*
  • M
Null Byte Interaction Error (Poison Null Byte)

<0:0.9.6-36.el7
  • H
Out-of-Bounds

<0:0.9.6-33.el7_4
  • H
Heap-based Buffer Overflow

<0:0.9.6-33.el7_4
  • H
Improper Input Validation

<0:0.9.6-33.el7_4
  • H
Information Exposure

<0:0.9.6-33.el7_4
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

<0:0.9.6-22.el7_0
  • M
Off-by-one Error

<0:0.9.6-22.el7_0
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

<0:0.9.6-22.el7_0
  • M
XML External Entity (XXE) Injection

*
  • M
HTTP Request Smuggling

*
  • M
Improper Input Validation

*
  • M
Directory Traversal

<0:0.9.6-36.el7
  • M
Null Byte Interaction Error (Poison Null Byte)

<0:0.9.6-36.el7
  • M
Resource Exhaustion

<0:0.9.6-36.el7
  • M
Out-of-bounds Read

*
  • M
Directory Traversal

<0:0.9.6-36.el7
  • M
Arbitrary Code Injection

*
  • L
HTTP Response Splitting

*
  • M
Resource Exhaustion

*
  • M
Null Byte Interaction Error (Poison Null Byte)

*
  • H
Improper Certificate Validation

<0:0.9.6-34.el7_6
  • M
Improper Input Validation

<0:0.9.6-36.el7
  • M
Improper Verification of Cryptographic Signature

<0:0.9.6-36.el7
  • M
Directory Traversal

<0:0.9.6-36.el7
  • M
Cross-site Scripting (XSS)

<0:0.9.6-36.el7
  • M
Deserialization of Untrusted Data

<0:0.9.6-36.el7
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:0.9.6-36.el7
  • M
Improper Input Validation

<0:0.9.6-36.el7
  • M
Directory Traversal

<0:0.9.6-36.el7
  • H
Improper Input Validation

<0:0.9.6-35.el7_6
  • M
Out-of-bounds Write

*
  • M
Heap-based Buffer Overflow

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Read

*
  • M
HTTP Response Splitting

<0:0.9.6-36.el7
  • H
Arbitrary Command Injection

<0:0.9.6-33.el7_4
  • H
Improper Input Validation

<0:0.9.6-33.el7_4
  • H
Arbitrary Argument Injection

<0:0.9.6-35.el7_6
  • H
Arbitrary Argument Injection

<0:0.9.6-35.el7_6
  • H
Arbitrary Argument Injection

<0:0.9.6-35.el7_6
  • H
Arbitrary Argument Injection

<0:0.9.6-35.el7_6
  • H
Improper Neutralization of Special Elements

<0:0.9.6-33.el7_4
  • H
Improper Neutralization of Special Elements

<0:0.9.6-33.el7_4
  • H
Improper Neutralization of Special Elements

<0:0.9.6-33.el7_4
  • H
Improper Output Neutralization for Logs

<0:0.9.6-33.el7_4
  • H
Improper Neutralization of Special Elements

<0:0.9.6-33.el7_4
  • M
Cleartext Transmission of Sensitive Information

*
  • M
Information Exposure

*
  • M
Arbitrary Command Injection

*
  • M
Inadequate Encryption Strength

*
  • M
Heap-based Buffer Overflow

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Off-by-one Error

*
  • L
Arbitrary Argument Injection

*
  • L
Privilege Defined With Unsafe Actions

*
  • M
Out-of-bounds Read

*
  • L
NULL Pointer Dereference

*
  • H
Improper Input Validation

*
  • M
Improper Validation of Certificate with Host Mismatch

*
  • L
Privilege Defined With Unsafe Actions

*