Vulnerabilities > Ruby Lang > Ruby > 2.0.0.481
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-19 | CVE-2017-10784 | Improper Authentication vulnerability in Ruby-Lang Ruby The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name. | 8.8 |
| 2017-08-31 | CVE-2017-14064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. | 9.8 |