pkg:Debian/jruby

All known vulnerabilities

• CRITICAL9.8CVE-2018-1000076RubyGems Improper Verification of Cryptographic Signature vulnerability
  from 0, < 9.1.17.0-1
• HIGH8.8CVE-2019-8324Code injection in RubyGems
  from 0, < 9.1.17.0-3
• HIGH8.1CVE-2019-16255Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) t…
  from 0, < 9.3.9.0+ds-1
• HIGH7.8CVE-2018-1000074jruby - security update
  from 0, < 9.1.17.0-1
• HIGH7.8CVE-2018-1000074jruby - security update
  from 0, < 1.5.6-9+deb8u1
• HIGH7.8CVE-2018-1000074jruby - security update
  from 0, < 1.5.6-5+deb7u2
• HIGH7.5CVE-2023-28755Ruby URI component ReDoS issue
  from 0
• HIGH7.5CVE-2023-28756Ruby Time component ReDoS issue
  from 0
• HIGH7.5CVE-2020-25613WEBRick vulnerable to HTTP Request/Response Smuggling
  from 0, < 1.7.26-1+deb9u3
• HIGH7.5CVE-2020-25613WEBRick vulnerable to HTTP Request/Response Smuggling
  from 0, < 9.3.9.0+ds-1
• HIGH7.5CVE-2018-1000075jruby - security update
  from 0, < 1.5.6-5+deb7u1
• HIGH7.5CVE-2018-1000075jruby - security update
  from 0, < 9.1.17.0-1
• HIGH7.5CVE-2018-1000073jruby - security update
  from 0, < 9.1.17.0-2.1
• HIGH7.5CVE-2018-1000073jruby - security update
  from 0, < 1.7.26-1+deb9u1
• HIGH7.5CVE-2019-16201WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Servic…
  from 0, < 9.3.9.0+ds-1
• HIGH7.5CVE-2019-8325RubyGems Escape sequence injection in errors
  from 0, < 9.1.17.0-3
• HIGH7.5CVE-2019-8321RubyGems Escape sequence injection vulnerability in verbose
  from 0, < 9.1.17.0-3
• HIGH7.5CVE-2019-8322RubyGems Escape sequence injection vulnerability in gem owner
  from 0, < 9.1.17.0-3
• HIGH7.5CVE-2019-8323RubyGems Escape sequence injection vulnerability in api response handling
  from 0, < 9.1.17.0-3
• HIGH7.4CVE-2021-32066An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
  from 0, < 9.3.9.0+ds-1
• HIGH7.4CVE-2019-8320ruby2.3 - security update
  from 0, < 9.1.17.0-3
• MEDIUM6.1CVE-2018-1000078RubyGems Cross-site Scripting vulnerability
  from 0, < 9.1.17.0-1
• MEDIUM5.8CVE-2021-31810An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
  from 0, < 9.3.9.0+ds-1
• MEDIUM5.5CVE-2018-1000079RubyGems Path Traversal vulnerability
  from 0, < 9.1.17.0-1
• MEDIUM5.3CVE-2018-1000077RubyGems Improper Input Validation vulnerability
  from 0, < 9.1.17.0-1
• MEDIUM5.3CVE-2019-16254Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting.
  from 0, < 9.3.9.0+ds-1
• MEDIUM5.3CVE-2017-17742jruby - security update
  from 0, < 1.7.26-1+deb9u2
• MEDIUM5.3CVE-2017-17742jruby - security update
  from 0, < 9.3.9.0+ds-1
• MEDIUM5.3CVE-2017-17742jruby - security update
  from 0, < 1.5.6-9+deb8u2
• MEDIUM5.3CVE-2017-17742jruby - security update
  from 0, < 9.1.17.0-3+deb10u1
• —CVE-2012-5370JRuby denial of service via Hash Collision
  from 0, < 1.5.6-5
• —CVE-2015-3900RubyGems vulnerable to DNS hijack attack
  from 0, < 1.7.20.1-2
• —CVE-2010-1330Cross-site Scripting in in JRuby
  from 0, < 1.5.0~rc1-1
• —CVE-2011-4838jruby - security update
  from 0, < 1.5.1-1+deb6u1
• —CVE-2011-4838jruby - security update
  from 0, < 1.5.6-4