RubyGems - bundler-audit - Versions diffs - 0.4.0 → 0.5.0 - Mend

bundler-audit 0.4.0 → 0.5.0

Files changed (313) hide show

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml ADDED

@@ -0,0 +1,15 @@
+---
+engine: ruby
+cve: 2008-1447
+url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
+title: ruby -- DNS spoofing vulnerability in resolv.rb
+date: 2008-05-05
+description: |
+  resolv.rb allow remote attackers to spoof DNS answers. This risk can be
+  reduced by randomness of DNS transaction IDs and source ports, so
+  resolv.rb is fixed to randomize them.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-1891.yml ADDED

@@ -0,0 +1,21 @@
+---
+engine: ruby
+cve: 2008-1891
+url: http://aluigi.altervista.org/adv/webrickcgi-adv.txt
+title: Directory traversal vulnerability in WEBrick
+date: 2008-04-15
+description: |
+  Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5
+  before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0
+  before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers
+  to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded
+  plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space)
+  character in the URI, possibly related to the
+  WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality
+  and the :DocumentRoot option.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.5.231
+  - ~> 1.8.6.230
+  - ~> 1.8.7.22
+  - ">= 1.9.0.2"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-2376.yml ADDED

@@ -0,0 +1,18 @@
+---
+engine: ruby
+cve: 2008-2376
+url: http://www.openwall.com/lists/oss-security/2008/07/02/3
+title: More ruby integer overflows (rb_ary_fill / Array#fill)
+date: 2008-06-30
+description: |
+  Integer overflow in the rb_ary_fill function in array.c in Ruby before
+  revision 17756 allows context-dependent attackers to cause a denial of
+  service (crash) or possibly have unspecified other impact via a call to the
+  Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE.
+  NOTE: this issue exists because of an incomplete fix for other closely
+  related integer overflows.
+cvss_v2: 7.5
+patched_versions:
+  - ~> 1.8.6.286
+  - ~> 1.8.7.71
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-3443.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2008-3443
+url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443
+title: Ruby Memory allocation failure in Ruby regex engine (remotely exploitable DoS)
+date: 2008-08-14
+description: |
+  The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6
+  through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows
+  remote attackers to cause a denial of service (infinite loop and crash) via
+  multiple long requests to a Ruby socket, related to memory allocation
+  failure, and as demonstrated against Webrick.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-3655.yml ADDED

@@ -0,0 +1,18 @@
+---
+engine: ruby
+cve: 2008-3655
+url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
+title: Ruby multiple insufficient safe mode restrictions
+date: 2008-08-08
+description: |
+  Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71,
+  and 1.9 through r18423 does not properly restrict access to critical
+  variables and methods at various safe levels, which allows context-dependent
+  attackers to bypass intended access restrictions via (1) untrace_var, (2)
+  $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at
+  safe levels 1 through 3.
+cvss_v2: 7.5
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-3656.yml ADDED

@@ -0,0 +1,19 @@
+---
+engine: ruby
+cve: 2008-3656
+url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
+title: Ruby WEBrick::HTTP::DefaultFileHandler DoS
+date: 2008-08-08
+description: |
+  Algorithmic complexity vulnerability in the
+  WEBrick::HTTPUtils.split_header_value function in
+  WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6
+  through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows
+  context-dependent attackers to cause a denial of service (CPU consumption)
+  via a crafted HTTP request that is processed by a backtracking regular
+  expression.
+cvss_v2: 7.8
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-3657.yml ADDED

@@ -0,0 +1,16 @@
+---
+engine: ruby
+cve: 2008-3657
+url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
+title: Ruby missing "taintness" checks in dl module
+date: 2008-08-08
+description: |
+  The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7
+  through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of
+  inputs, which allows context-dependent attackers to bypass safe levels and
+  execute dangerous functions by accessing a library using DL.dlopen.
+cvss_v2: 7.5
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2008-3905.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2008-3905
+url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
+title: ruby -- DNS spoofing vulnerability in resolv.rb
+date: 2008-05-05
+description: |
+  resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before
+  1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and
+  constant source ports for DNS requests, which makes it easier for remote
+  attackers to spoof DNS responses, a different vulnerability than
+  CVE-2008-1447.
+cvss_v2: 5.8
+patched_versions:
+  - ~> 1.8.6.287
+  - ~> 1.8.7.72
+  - ">= 1.9.0"

data/data/ruby-advisory-db/rubies/ruby/CVE-2009-0642.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2009-0642
+url: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528
+title: Ruby 'OCSP_basic_verify()' X.509 Certificate Verification Vulnerability
+date: 2009-01-29
+description: |
+  ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the
+  return value from the OCSP_basic_verify function, which might allow remote
+  attackers to successfully present an invalid X.509 certificate, possibly
+  involving a revoked certificate.
+cvss_v2: 6.8
+patched_versions:
+  - ~> 1.8.6.369
+  - ~> 1.8.7.173
+  - ~> 1.9.1.129
+  - ">= 1.9.2.preview.1"

data/data/ruby-advisory-db/rubies/ruby/CVE-2009-5147.yml ADDED

@@ -0,0 +1,13 @@
+---
+engine: ruby
+cve: 2009-5147
+url: https://www.ruby-lang.org/en/news/2009/05/12/ruby-1-9-1-p129-released/
+title: Ruby DL::dlopen could open a library with tainted library name even if $SAFE > 0
+date: 2009-05-12
+description: |
+  DL::dlopen could open a library with tainted library name even if $SAFE > 0
+unaffected_versions:
+  - "< 1.9.1"
+  - ">= 1.9.2"
+patched_versions:
+  - ~> 1.9.1.129

data/data/ruby-advisory-db/rubies/ruby/CVE-2011-0188.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2011-0188
+url: https://github.com/ruby/ruby/commit/f83651ac30c7c776dee8a6a401c654757cb8d1c2
+title: Ruby memory corruption in BigDecimal on 64bit platforms
+date: 2011-03-01
+description: |
+  The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby
+  1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other
+  platforms, does not properly allocate memory, which allows context-dependent
+  attackers to execute arbitrary code or cause a denial of service (application
+  crash) via vectors involving creation of a large BigDecimal value within a
+  64-bit process, related to an "integer truncation issue."
+cvss_v2: 6.8
+patched_versions:
+  - ~> 1.8.7.370
+  - ">= 1.9.3.preview.1"

data/data/ruby-advisory-db/rubies/ruby/CVE-2011-2686.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2011-2686
+url: https://osdir.com/ml/lang-ruby-core/2011-01/msg00917.html
+title: Ruby Random Number Generation Local Denial Of Service Vulnerability
+date: 2011-07-02
+description: |
+  Ruby before 1.8.7-p352 does not reset the random seed upon forking, which
+  makes it easier for context-dependent attackers to predict the values of
+  random numbers by leveraging knowledge of the number sequence obtained in a
+  different child process, a related issue to CVE-2003-0900. NOTE: this issue
+  exists because of a regression during Ruby 1.8.6 development.
+cvss_v2: 5.0
+unaffected_versions:
+  - "< 1.8.6.399"
+patched_versions:
+  - ">= 1.8.7.352"

data/data/ruby-advisory-db/rubies/ruby/CVE-2011-2705.yml ADDED

@@ -0,0 +1,16 @@
+---
+engine: ruby
+cve: 2011-2705
+url: https://redmine.ruby-lang.org/issues/4579
+title: Ruby Random Number Generation Local Denial Of Service Vulnerability
+date: 2011-07-02
+description: |
+  The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before
+  1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for
+  initialization, which makes it easier for context-dependent attackers to
+  predict the result string by leveraging knowledge of random strings obtained
+  in an earlier process with the same PID.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.7.352
+  - ">= 1.9.2.290"

data/data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2011-3009
+url: https://osdir.com/ml/lang-ruby-core/2011-01/msg00917.html
+title: |
+  Ruby Properly initialize the random number generator when forking new process
+date: 2011-07-02
+description: |
+  Ruby before 1.8.6-p114 does not reset the random seed upon forking, which
+  makes it easier for context-dependent attackers to predict the values of
+  random numbers by leveraging knowledge of the number sequence obtained in a
+  different child process, a related issue to CVE-2003-0900.
+cvss_v2: 5.0
+unaffected_versions:
+  - ">= 1.9.2"
+patched_versions:
+  - ">= 1.8.6.114"

data/data/ruby-advisory-db/rubies/ruby/CVE-2012-4464.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2012-4464
+url: https://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/
+title: Ruby Exception#to_s / NameError#to_s Methods Safe Level Security Bypass
+date: 2012-10-12
+description: |
+  Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows
+  context-dependent attackers to bypass safe-level restrictions and modify
+  untainted strings via the (1) exc_to_s or (2) name_err_to_s API function,
+  which marks the string as tainted, a different vulnerability than
+  CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005
+  regression.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.7.371
+  - ">= 1.9.3.286"

data/data/ruby-advisory-db/rubies/ruby/CVE-2012-4466.yml ADDED

@@ -0,0 +1,16 @@
+---
+engine: ruby
+cve: 2012-4466
+url: https://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/
+title: Ruby name_err_mesg_to_str Method Safe Level Security Bypass
+date: 2012-10-12
+description: |
+  Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before
+  revision r37068 allows context-dependent attackers to bypass safe-level
+  restrictions and modify untainted strings via the name_err_mesg_to_str API
+  function, which marks the string as tainted, a different vulnerability than
+  CVE-2011-1005.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.8.7.371
+  - ">= 1.9.3.286"

data/data/ruby-advisory-db/rubies/ruby/CVE-2012-4481.yml ADDED

@@ -0,0 +1,15 @@
+---
+engine: ruby
+cve: 2012-4481
+url: http://www.openwall.com/lists/oss-security/2012/10/05/2
+title: |
+  Ruby incomplete fix for CVE-2011-1005 for NameError#to_s method when used on
+  objects
+date: 2012-10-05
+description: |
+  The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to
+  modify strings via the NameError#to_s method when operating on Ruby objects.
+  NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
+cvss_v2: 4.3
+patched_versions:
+  - ">= 1.8.7.371"

data/data/ruby-advisory-db/rubies/ruby/CVE-2015-7551.yml ADDED

@@ -0,0 +1,19 @@
+---
+engine: ruby
+cve: 2015-7551
+url: https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
+title: Unsafe tainted string usage in Fiddle and DL
+date: 2015-12-16
+description: |
+  There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was
+  originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL
+  was reimplemented using Fiddle and libffi.
+  And, about DL, CVE-2009-5147 was fixed at Ruby 1.9.1, but not fixed at other
+  branches, then rubies which bundled DL except Ruby 1.9.1 are still vulnerable.
+patched_versions:
+  - ~> 2.0.0.648
+  - ~> 2.1.8
+  - ~> 2.2.4
+  - ">= 2.3.0"
+unaffected_versions:
+  - ~> 1.9.1.129

data/data/ruby-advisory-db/rubies/ruby/OSVDB-100113.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2013-4164
+osvdb: 100113
+url: http://www.osvdb.org/show/osvdb/100113
+title: Heap Overflow in Floating Point Parsing (CVE-2013-4164)
+date: 2013-11-22
+description: |
+  Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before
+  2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a
+  denial of service (segmentation fault) and possibly execute arbitrary code via a string that is
+  converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.
+cvss_v2: 6.8
+patched_versions:
+  - ~> 1.9.3.484
+  - ~> 2.0.0.353
+  - ">= 2.1.0.preview.2"

data/data/ruby-advisory-db/rubies/ruby/OSVDB-105027.yml ADDED

@@ -0,0 +1,20 @@
+---
+engine: ruby
+cve: 2014-2525
+osvdb: 105027
+url: http://www.osvdb.org/show/osvdb/105027
+title: |
+  LibYAML yaml_parser_scan_uri_escapes() Function Crafted Document Parsing Heap
+  Buffer Overflow
+date: 2014-03-26
+description: |
+  LibYAML contains an overflow condition in the yaml_parser_scan_uri_escapes()
+  function that is triggered as user-supplied input is not properly validated
+  when parsing a specially crafted YAML document. This may allow a
+  context-dependent attacker to cause a heap-based buffer overflow, resulting
+  in a denial of service or potentially allowing the execution of arbitrary
+  code in a program linked against the library.
+cvss_v2: 6.8
+patched_versions:
+  - ~> 2.0.0.481
+  - ">= 2.1.2"

data/data/ruby-advisory-db/rubies/ruby/OSVDB-107478.yml ADDED

@@ -0,0 +1,16 @@
+---
+engine: ruby
+cve: 2014-3916
+osvdb: 107478
+url: http://www.osvdb.org/show/osvdb/107478
+title: Ruby string.c str_buf_cat() Function Crafted String Handling Remote DoS
+date: 2014-04-07
+description: |
+  Ruby contains a flaw in the str_buf_cat() function in string.c that is
+  triggered when handling an overly long string. This may allow a remote
+  attacker to cause a denial of service.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 2.0.0.576
+  - ~> 2.1.3
+  - ">= 2.2.0.preview.1"

data/data/ruby-advisory-db/rubies/ruby/OSVDB-108971.yml ADDED

@@ -0,0 +1,17 @@
+---
+engine: ruby
+cve: 2014-4975
+osvdb: 108971
+url: http://www.osvdb.org/show/osvdb/108971
+title: Ruby pack.c encodes() Function Remote Stack Buffer Overflow
+date: 2014-07-09
+description: |
+  Ruby contains an overflow condition in the encodes() function in pack.c. The
+  issue is triggered as user-supplied input is not properly validated when
+  allocating buffer lengths. This may allow a remote attacker to cause a
+  stack-based buffer overflow, resulting in a denial of service or potentially
+  allowing the execution of arbitrary code.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 2.1.3
+  - ">= 2.2.0.preview.1"

data/data/ruby-advisory-db/rubies/ruby/OSVDB-113747.yml ADDED

@@ -0,0 +1,19 @@
+---
+engine: ruby
+cve: 2014-8080
+osvdb: 113747
+url: http://www.osvdb.org/show/osvdb/113747
+title: Ruby lib/rexml/entity.rb XML External Entity (XXE) Expansion Remote DoS
+date: 2014-10-27
+description: |
+  Ruby contains an XXE (Xml eXternal Entity) injection flaw in
+  lib/rexml/entity.rb that is triggered during the parsing of XML data. The
+  issue is due to an incorrectly configured XML parser accepting XML external
+  entities from an untrusted source. By sending specially crafted XML data, a
+  remote attacker can consume all available memory and cause a denial of
+  service.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.9.3.550
+  - ~> 2.0.0.594
+  - ">= 2.1.4"

data/data/ruby-advisory-db/rubies/ruby/OSVDB-114641.yml ADDED

@@ -0,0 +1,22 @@
+---
+engine: ruby
+cve: 2014-8090
+osvdb: 114641
+url: http://www.osvdb.org/show/osvdb/114641
+title: |
+  Ruby lib/rexml/entity.rb NULL String Handling Recursive XML External Entity
+  (XXE) Expansion Resource Consumption Remote DoS
+date: 2014-11-13
+description: |
+  Ruby contains an XXE (Xml eXternal Entity) injection flaw in the
+  lib/rexml/entity.rb that is triggered during the parsing of XML data when
+  handling recursive expansions in NULL strings. The issue is due to an
+  incorrectly configured XML parser accepting XML external entities from an
+  untrusted source. By sending specially crafted XML data, a remote attacker
+  can cause a consumption of system resources and a denial of service.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 1.9.3.551
+  - ~> 2.0.0.598
+  - ">= 2.1.5"