pkg:maven/rubygems-update
Type
maven
Name
rubygems-update
Known advisories, vulnerabilities and fixes for rubygems-update package.
Critical
1
High
3
Moderate
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.7.6 |
CVE-2018-1000075
|
MAVEN:GHSA-74PV-V9GH-H25P | RubyGems Infinite Loop vulnerability | high |
2022-05-13T01:48:31
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000075
|
MAVEN:GHSA-74PV-V9GH-H25P | RubyGems Infinite Loop vulnerability | high |
2022-05-13T01:48:31
(2 years ago) |
|
Affected | < 2.7.6 |
CVE-2018-1000078
|
MAVEN:GHSA-87QX-G5WG-MWMJ | RubyGems Cross-site Scripting vulnerability | moderate |
2022-05-14T01:01:09
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000078
|
MAVEN:GHSA-87QX-G5WG-MWMJ | RubyGems Cross-site Scripting vulnerability | moderate |
2022-05-14T01:01:09
(2 years ago) |
|
Affected | < 2.7.6 |
CVE-2018-1000079
|
MAVEN:GHSA-8QXG-MFF5-J3WC | RubyGems Path Traversal vulnerability | moderate |
2022-05-14T01:54:40
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000079
|
MAVEN:GHSA-8QXG-MFF5-J3WC | RubyGems Path Traversal vulnerability | moderate |
2022-05-14T01:54:40
(2 years ago) |
|
Affected | < 2.7.6 |
CVE-2018-1000077
|
MAVEN:GHSA-GV86-43RV-79M2 | RubyGems Improper Input Validation vulnerability | moderate |
2022-05-14T01:01:09
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000077
|
MAVEN:GHSA-GV86-43RV-79M2 | RubyGems Improper Input Validation vulnerability | moderate |
2022-05-14T01:01:09
(2 years ago) |
|
Affected | < 2.7.6 |
CVE-2018-1000073
|
MAVEN:GHSA-GX69-6CP4-HXRJ | RubyGems Link Following vulnerability | high |
2022-05-13T01:18:44
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000073
|
MAVEN:GHSA-GX69-6CP4-HXRJ | RubyGems Link Following vulnerability | high |
2022-05-13T01:18:44
(2 years ago) |
|
Affected | >= 2.2.0, < 2.7.6 |
CVE-2018-1000076
|
MAVEN:GHSA-MC6J-H948-V2P6 | RubyGems Improper Verification of Cryptographic Signature vulnerability | critical |
2022-05-14T01:01:12
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000076
|
MAVEN:GHSA-MC6J-H948-V2P6 | RubyGems Improper Verification of Cryptographic Signature vulnerability | critical |
2022-05-14T01:01:12
(2 years ago) |
|
Affected | < 2.7.6 |
CVE-2018-1000074
|
MAVEN:GHSA-QJ2W-MW2R-PV39 | RubyGems Deserialization of Untrusted Data vulnerability | high |
2022-05-14T01:01:12
(2 years ago) |
|
Fixed | = 2.7.6 |
CVE-2018-1000074
|
MAVEN:GHSA-QJ2W-MW2R-PV39 | RubyGems Deserialization of Untrusted Data vulnerability | high |
2022-05-14T01:01:12
(2 years ago) |