Vulnerabilities > Yukihiro Matsumoto > Ruby > 1.8.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-06 | CVE-2006-6303 | Resource Management Errors vulnerability in Yukihiro Matsumoto Ruby The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467. | 5.0 |
2006-07-21 | CVE-2006-3694 | SAFE Level Restriction Bypass vulnerability in Yukihiro Matsumoto Ruby 1.8.2/1.8.3/1.8.4 Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations". | 6.4 |