Skip to main content

Rdoc

2 CVEs product

Monthly

CVE-2021-31799 Ruby HIGH PATCH This Week

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. Rated high severity (CVSS 7.0). This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Debian Linux Rdoc Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
7.0
EPSS
1.5%
CVE-2013-0256 Ruby MEDIUM PATCH This Month

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rdoc Ruby Ubuntu Linux
NVD GitHub
CVSS 2.0
4.3
EPSS
3.6%
EPSS 1% CVSS 7.0
HIGH PATCH This Week

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. Rated high severity (CVSS 7.0). This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Debian Linux +2
NVD
EPSS 4% CVSS 4.3
MEDIUM PATCH This Month

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rdoc Ruby +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy