Skip to main content

Grape

2 CVEs product

Monthly

CVE-2018-3769 Ruby MEDIUM POC PATCH This Month

ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Grape
NVD GitHub
CVSS 3.1
6.1
EPSS
1.4%
CVE-2013-0175 Ruby HIGH PATCH This Week

multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Multi Xml Grape
NVD GitHub
CVSS 2.0
7.5
EPSS
1.3%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Grape
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Multi Xml +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy