Skip to main content

Rubygems Org

4 CVEs product

Monthly

CVE-2024-21654 MEDIUM PATCH Monitor

Rubygems.org is the Ruby community's gem hosting service. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Rubygems Org
NVD GitHub
CVSS 3.1
4.8
EPSS
0.1%
CVE-2023-40165 HIGH PATCH This Week

rubygems.org is the Ruby community's primary gem (library) hosting service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Canonical Information Disclosure Rubygems Org
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-29218 HIGH POC This Week

RubyGems is a package registry used to supply software for the Ruby language ecosystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Rubygems Org
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-29176 HIGH This Week

Rubygems is a package registry used to supply software for the Ruby language ecosystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Rubygems Org
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
EPSS 0% CVSS 4.8
MEDIUM PATCH Monitor

Rubygems.org is the Ruby community's gem hosting service. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Rubygems Org
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

rubygems.org is the Ruby community's primary gem (library) hosting service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Canonical Information Disclosure Rubygems Org
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

RubyGems is a package registry used to supply software for the Ruby language ecosystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Rubygems Org
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

Rubygems is a package registry used to supply software for the Ruby language ecosystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Rubygems Org
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy