Software
Rubygems Rubygems.orgrubygems.org MFA Bypass through password reset function could allow account takeover
Rubygems Rubygems.orgUnauthorized gem replacement for full names ending in numbers on rubygems.org
Rubygems RubygemsRubyGems allows creation of users with arbitrary unverified emails
Rubygems Rubygems.orgUnauthorized takeover for new versions of some platform-specific gems
Rubygems Rubygems.orgUnauthorized gem takeover for some gems on rubygems.org
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
rubygems/rubygems-updateAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls…
rubygems/rubygems-updateAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_respon…
openSUSE LeapAn issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the c…
rubygems/rubygems-updateAn issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxInput Validation, Path Traversal
Rubygems RubygemsRubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostn…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubygems RubygemsAlgorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/versi…
Rubygems RubygemsAlgorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubygems RubygemsRubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote atta…
Rubygems RubygemsRubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.