Homepage

ruby vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the https://cache.ruby-lang.org|ruby package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • C
Covert Timing Channel

[0,)
  • H
Privilege Escalation

[1.9.1-preview1,1.9.1-p429)
  • H
Denial of Service (DoS)

[0,)
  • M
Heap-based Buffer Overflow

[,1.9.1-p376)
  • L
Directory Traversal

[,1.8.6-p114)
  • H
Denial of Service (DoS)

[,1.8.6.230]
  • H
Information Exposure

[2.2.0,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • M
Denial of Service (DoS)

[1.8.6,1.8.7]
  • M
CVE-2004-0755

[,1.8.1)
  • H
Improper Input Validation

[,1.6)
  • H
Resource Management Errors

[,1.8.4](1.8.5,1.8.5.231)[1.8.6,1.8.6.230)[1.8.7,1.8.7.22)[1.9.0,1.9.0.2)
  • M
Improper Authentication

[1.8,1.9]
  • H
HTTP Request Smuggling

[,2.5.9)[2.6.0,2.6.7)[2.7.0,2.7.2)
  • H
Access Restriction Bypass

[,1.8.6)
  • C
Insecure Encryption

[1.8.7.334,1.9.3)
  • H
Symlink Attack

[1.8.6,1.9.3]
  • M
Arbitrary Code Injection

[1.8.7,1.9.2]
  • M
CVE-2019-15845

[2.4.0,2.4.8)[2.5.0,2.5.7)[2.6.0,2.6.5)
  • M
Information Exposure

[2.5.0,2.5.8)[2.6.0,2.6.6)
  • M
Improper Input Validation

[2.1.0,2.1.6)[2.2.0,2.2.2)
  • M
Denial of Service (DoS)

[,1.8.2)
  • M
Denial of Service (DoS)

[,1.9.3)
  • M
Improper Input Validation

[1.8.6,1.9.2]
  • M
HTTP Response Splitting

[2.2.0,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • H
Arbitrary Code Injection

[,2.3.1)[2.4.0,2.4.8)[2.5.0,2.5.7)[2.6.0,2.6.5)
  • M
Access Restriction Bypass

[,1.8.7]
  • M
Improper Authentication

[,1.8.5][1.8.5,1.8.6][1.8.6,1.8.7][1.8.7,1.9.0.3)
  • M
Resource Management Errors

[,1.8.5)
  • M
Improper Input Validation

[,1.8.7.52)
  • M
Access Restriction Bypass

[,1.9.3)
  • M
Access Restriction Bypass

[,1.8.7p371)[1.9.3286,1.9.3p286)
  • M
Improper Input Validation

[,1.9.3)
  • H
Improper Input Validation

[,1.8.6)
  • C
Out-of-Bounds

[,2.2.8)
  • C
Arbitrary Code Execution

[2.2.2,2.3.0]
  • M
Cryptographic Issues

[,1.9.3)
  • H
CVE-2005-1992

[,1.8]
  • H
Resource Management Errors

[,1.8.6)
  • M
Cryptographic Issues

[,1.8.7.52)
  • M
Denial of Service (DoS)

[,1.6)
  • H
Improper Input Validation

[,2.4.0]
  • C
Use of Externally-Controlled Format String

[,2.2.8)[2.3.0,2.3.5)[2.4.0,2.4.2)
  • C
Directory Traversal

[,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • M
Resource Management Errors

[1.6.8,1.9.0]
  • M
Denial of Service (DoS)

[,1.6.8)[1.8.0,1.8.2)
  • M
CRLF Injection

[,2.4.1)
  • M
Improper Authentication

[1.8.5,1.8.6]
  • H
Improper Input Validation

[,2.0.0-p648)[2.1.0,2.1.8)[2.2.0,2.2.4)
  • H
Improper Input Validation

[,1.6)
  • H
Regular Expression Denial of Service (ReDoS)

[1.8.1,1.8.5]
  • M
Access Restriction Bypass

[0,1.9.3p286)
  • M
Denial of Service (DoS)

[,1.9.3)
  • H
Improper Input Validation

[2.2.0,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • M
Out-of-Bounds

[,1.9.3-p484)[2.0.0353,2.0.0-p353)
  • M
Access Restriction Bypass

[1.8.6,1.8.8]
  • H
Arbitrary Code Execution

[1.6,1.8.2_pre2]
  • M
Resource Management Errors

[,1.8]
  • M
CVE-2006-3694

[,1.8.5)
  • H
Improper Authentication

[,2.2.8)
  • H
Resource Management Errors

[,1.9.2.0)
  • H
Security Features

[2.3.0,2.3.8)[2.4.0,2.4.5)[2.5.0,2.5.2)
  • M
Directory Traversal

[,1.9.0.3)
  • M
Access Restriction Bypass

[0,1.9.3p286)
  • M
Cryptographic Issues

[,1.8.7-p374)[1.9.3448,1.9.3-p448)[2.0.0247,2.0.0-p247)
  • M
Security Features

[,2.0.16)[2.2.0,2.2.4)[2.4.0,2.4.7)
  • M
Information Exposure

[,2.6.8)[2.7.0,2.7.4)[3.0.0,3.0.2)
  • H
Denial of Service (DoS)

[2.2.0,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • H
Improper Authentication

[2.4.0,2.4.8)[2.5.0,2.5.7)[2.6.0,2.6.5)
  • C
Out-of-Bounds

[2.2.2,2.3.0]
  • M
Cryptographic Issues

[,1.8.23.2)[1.8.0,1.8.27)[2.0.0,2.0.10)[2.1.0,2.1.5)
  • C
Integer Overflow or Wraparound

[,1.8.4](1.8.5,1.8.5.231)[1.8.6,1.8.6.230)[1.8.7,1.8.7.22)
  • H
Denial of Service (DoS)

[,1.8.4][1.8.5,1.8.5.231)[1.8.6,1.8.6.230)[1.8.7,1.8.7.22)
  • H
Command Injection

[2.2,2.2.9)[2.3,2.3.6)[2.4,2.4.3)
  • H
Directory Traversal

[2.2.0,2.2.10)[2.3.0,2.3.7)[2.4.0,2.4.4)[2.5.0,2.5.1)
  • C
Arbitrary Code Injection

[2.2,2.2.9)[2.3,2.3.6)[2.4,2.4.3)
  • H
XML External Entity (XXE) Injection

[,2.6.7)[2.7.0,2.7.3)[3.0.0,3.0.1)
  • H
Insecure Encryption

[2.6.0,2.6.8)[2.7.0,2.7.4)[3.0.0,3.0.2)
  • M
Improper Input Validation

[1.8.6,1.9]
  • M
Out-of-Bounds

[,1.9.3)
  • M
Cryptographic Issues

[,1.8.23.1)[1.8.0,1.8.26)[2.0.0,2.0.8)
  • M
Cross-site Scripting (XSS)

[,3.9.5)[3.12.0,3.12.1)
  • M
Arbitrary Code Injection

[,2.3.1)[2.4.0,2.4.8)[2.5.0,2.5.7)[2.6.0,2.6.5)
  • H
Denial of Service (DoS)

[,1.8.4][1.8.5,1.8.5.231)[1.8.6,1.8.6.230)[1.8.7,1.8.7.22)[1.9.0,1.9.0.2)
  • H
Remote Code Execution (RCE)

[2.4.0,2.4.8)[2.5.0,2.5.7)[2.6.0,2.6.5)
  • H
Out-of-Bounds

[,2.2.8)[2.3.0,2.3.5)
  • M
Improper Authentication

[1.8.5,1.8.6]
  • C
Arbitrary Code Execution

[2.2.2,2.3.0]
  • C
Denial of Service (DoS)

[,1.8.4](1.8.5,1.8.5.231)[1.8.6,1.8.6.230)[1.8.7,1.8.7.22)[1.9.0,1.9.0.2)
  • H
Directory Traversal

[,3.0.1)
  • C
Out-of-bounds Read

[,2.4.1]
  • C
Improper Data Handling

[2.3.0,2.3.8)[2.4.0,2.4.5)[2.5.0,2.5.2)