RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a malicious…

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution v…

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications tha…

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the …

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to …

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-previ…

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows …

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting…

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash colli…

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the f…

A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before ma…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the …

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run …

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_r…

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs …

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#ver…

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking withi…

An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-lin…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2…

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI…

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote…

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Tim…

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP res…

JRuby computes hash values without properly restricting the ability to trigger hash collisions …

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerabi…

An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. …

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishan…

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it …

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when…

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to mod…

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when …

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an…

In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains …