| Bug | Description |
|---|
| CVE-2019-8325 | Escape sequence injection vulnerability in errors |
| CVE-2019-8324 | Installing a malicious gem may lead to arbitrary code execution |
| CVE-2019-8323 | Escape sequence injection vulnerability in API response handling |
| CVE-2019-8322 | Escape sequence injection vulnerability in gem owner |
| CVE-2019-8321 | Escape sequence injection vulnerability in verbose |
| CVE-2019-8320 | Delete directory using symlink when decompressing tar |
| CVE-2018-8780 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ... |
| CVE-2018-8779 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ... |
| CVE-2018-8778 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ... |
| CVE-2018-8777 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ... |
| CVE-2018-6914 | Directory traversal vulnerability in the Dir.mktmpdir method in the tm ... |
| CVE-2018-16396 | An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5. ... |
| CVE-2018-16395 | An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2 ... |
| CVE-2018-1000079 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000078 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000077 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000076 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000075 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000074 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2018-1000073 | RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ... |
| CVE-2017-17790 | The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 us ... |
| CVE-2017-17742 | Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x befo ... |
| CVE-2017-17405 | Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, get ... |