1. Home
  2. Packages
  3. maven
  4. rubygems-update

pkg:maven/rubygems-update

Type maven
Name rubygems-update

Known advisories, vulnerabilities and fixes for rubygems-update package.

Critical 1
High 3
Moderate 3
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected < 2.7.6 CVE-2018-1000075
maven MAVEN:GHSA-74PV-V9GH-H25P RubyGems Infinite Loop vulnerability high 2022-05-13T01:48:31
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000075
maven MAVEN:GHSA-74PV-V9GH-H25P RubyGems Infinite Loop vulnerability high 2022-05-13T01:48:31
(2 years ago)
Affected < 2.7.6 CVE-2018-1000078
maven MAVEN:GHSA-87QX-G5WG-MWMJ RubyGems Cross-site Scripting vulnerability moderate 2022-05-14T01:01:09
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000078
maven MAVEN:GHSA-87QX-G5WG-MWMJ RubyGems Cross-site Scripting vulnerability moderate 2022-05-14T01:01:09
(2 years ago)
Affected < 2.7.6 CVE-2018-1000079
maven MAVEN:GHSA-8QXG-MFF5-J3WC RubyGems Path Traversal vulnerability moderate 2022-05-14T01:54:40
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000079
maven MAVEN:GHSA-8QXG-MFF5-J3WC RubyGems Path Traversal vulnerability moderate 2022-05-14T01:54:40
(2 years ago)
Affected < 2.7.6 CVE-2018-1000077
maven MAVEN:GHSA-GV86-43RV-79M2 RubyGems Improper Input Validation vulnerability moderate 2022-05-14T01:01:09
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000077
maven MAVEN:GHSA-GV86-43RV-79M2 RubyGems Improper Input Validation vulnerability moderate 2022-05-14T01:01:09
(2 years ago)
Affected < 2.7.6 CVE-2018-1000073
maven MAVEN:GHSA-GX69-6CP4-HXRJ RubyGems Link Following vulnerability high 2022-05-13T01:18:44
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000073
maven MAVEN:GHSA-GX69-6CP4-HXRJ RubyGems Link Following vulnerability high 2022-05-13T01:18:44
(2 years ago)
Affected >= 2.2.0, < 2.7.6 CVE-2018-1000076
maven MAVEN:GHSA-MC6J-H948-V2P6 RubyGems Improper Verification of Cryptographic Signature vulnerability critical 2022-05-14T01:01:12
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000076
maven MAVEN:GHSA-MC6J-H948-V2P6 RubyGems Improper Verification of Cryptographic Signature vulnerability critical 2022-05-14T01:01:12
(2 years ago)
Affected < 2.7.6 CVE-2018-1000074
maven MAVEN:GHSA-QJ2W-MW2R-PV39 RubyGems Deserialization of Untrusted Data vulnerability high 2022-05-14T01:01:12
(2 years ago)
Fixed = 2.7.6 CVE-2018-1000074
maven MAVEN:GHSA-QJ2W-MW2R-PV39 RubyGems Deserialization of Untrusted Data vulnerability high 2022-05-14T01:01:12
(2 years ago)