Debian Jruby vulnerabilities
29 known vulnerabilities affecting debian/jruby.
Total CVEs: 29
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 13, MEDIUM 11, LOW 4
Vulnerabilities
Page 1 of 2
CVE-2023-28755 | MEDIUM | CVSS 5.3 | fixed in jruby 9.4.5.0+ds-1 (forky) | 2023
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
Scope: local
bookworm: open
forky: resolved (fixed in 9.4.5.0+ds-1)
sid: r
debian
CVE-2023-28756 | MEDIUM | CVSS 5.3 | fixed in jruby 9.4.5.0+ds-1 (forky) | 2023
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid time strings that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.
Scope: local
bookworm: open
forky: resolved (fixed in 9.4.5.0+ds-1)
sid: resolved (fixed in
CVE-2023-36617 | LOW (detail view: MEDIUM) | CVSS 5.3 | fixed in ruby2.7 2.7.4-1+deb11u2 (bullseye) | 2023
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists because of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed v
CVE-2021-32066 | HIGH | CVSS 7.4 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2021
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS
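The failure mode in the CVE-2021-32066 entry above, reduced to a tagged-response check over an in-memory connection. This is an added example, not Net::IMAP's code: the FakeConn class, the tag "A001" and the server transcripts are constructed for illustration. The point it shows is that the only acceptable answer to STARTTLS is a tagged OK for the client's own tag; NO/BAD, a reply for another tag, junk the parser cannot classify, and a closed connection must all stop the client from continuing in plaintext, since an on-path attacker who can block the command can produce any of them.

```ruby
require "stringio"

class StartTLSRefused < StandardError; end

# In-memory stand-in for a socket (constructed for this example): what the
# client writes is collected in +sent+, what it reads comes from a scripted
# list of server lines.
class FakeConn
  attr_reader :sent

  def initialize(server_lines)
    @in = StringIO.new(server_lines.join)
    @sent = +""
  end

  def write(str)
    @sent << str
  end

  def gets
    @in.gets
  end
end

# Parse one IMAP response line into [tag, status, text]; tag is "*" for an
# untagged response. Returns nil when the line is not a status response.
def parse_imap_response(line)
  m = /\A(\S+) (OK|NO|BAD|PREAUTH|BYE)\b ?(.*)\z/.match(line.chomp)
  m && [m[1], m[2], m[3]]
end

# Send STARTTLS and return :tls_ok only on a tagged OK for our own tag.
# Untagged lines are skipped; NO/BAD, a response for another tag, unparseable
# data and EOF are all treated as refusal. The vulnerable behaviour was to
# raise only on NO/BAD and carry on over plaintext for anything else.
def starttls!(conn, tag: "A001")
  conn.write("#{tag} STARTTLS\r\n")
  while (line = conn.gets)
    parsed = parse_imap_response(line)
    raise StartTLSRefused, "unparseable response #{line.inspect}" unless parsed
    rtag, status, text = parsed
    next if rtag == "*"
    raise StartTLSRefused, "response for another tag #{rtag.inspect}" unless rtag == tag
    return :tls_ok if status == "OK"
    raise StartTLSRefused, "server answered #{status}: #{text}"
  end
  raise StartTLSRefused, "connection closed before STARTTLS was answered"
end

if __FILE__ == $PROGRAM_NAME
  # Constructed transcripts: a well-behaved server, and junk in place of OK/NO/BAD
  # (the case the unpatched client treated as success).
  good = FakeConn.new(["* OK ready\r\n", "A001 OK Begin TLS negotiation now\r\n"])
  puts starttls!(good)
  junk = FakeConn.new(["A001 XYZZY nope\r\n"])
  begin
    starttls!(junk)
  rescue StartTLSRefused => e
    puts "refused: #{e.message}"
  end
end
```

The same shape applies to any STARTTLS-style upgrade (SMTP, POP3, LDAP): the decision to start the TLS handshake must be gated on a positive, parsed acknowledgement, never on the absence of a negative one.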
CVE-2021-31810 | MEDIUM | CVSS 5.8 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2021
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes Net::FTP extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and se
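A defence against the PASV trick in the CVE-2021-31810 entry above, as an added example rather than Net::FTP's own code. The parser and the sample 227 replies are constructed. The hardened behaviour mirrors what the Ruby fix does by default (a use_pasv_ip setting that is off): the host portion of the server's "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply is ignored and the data connection goes to the same host as the control connection; only the port is taken from the server.

```ruby
# Matches the h1,h2,h3,h4,p1,p2 tuple inside a 227 reply.
PASV_RE = /\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)/

# Parse a 227 reply into [host, port]; raises ArgumentError on anything malformed.
def parse_pasv(reply)
  raise ArgumentError, "not a 227 reply: #{reply.inspect}" unless reply.start_with?("227")
  m = PASV_RE.match(reply)
  raise ArgumentError, "no host/port tuple in #{reply.inspect}" unless m
  octets = m.captures.map(&:to_i)
  raise ArgumentError, "octet out of range in #{reply.inspect}" if octets.any? { |o| o > 255 }
  host = octets[0, 4].join(".")
  port = octets[4] * 256 + octets[5]
  raise ArgumentError, "port out of range in #{reply.inspect}" unless (1..65535).cover?(port)
  [host, port]
end

# Decide where the data connection goes. With use_pasv_ip false (the
# hardened default) the server-supplied address is discarded and the data
# connection is made to control_host; only the port is trusted. Passing
# use_pasv_ip: true reproduces the pre-fix behaviour for comparison.
def passive_target(control_host, reply, use_pasv_ip: false)
  host, port = parse_pasv(reply)
  use_pasv_ip ? [host, port] : [control_host, port]
end

if __FILE__ == $PROGRAM_NAME
  control_host = "203.0.113.10"                                        # constructed
  honest  = "227 Entering Passive Mode (203,0,113,10,195,80)"          # constructed
  hostile = "227 Entering Passive Mode (10,0,0,5,0,22)"                # constructed: points at an internal host
  p passive_target(control_host, honest)
  p passive_target(control_host, hostile)                              # still goes to 203.0.113.10
  p passive_target(control_host, hostile, use_pasv_ip: true)           # what the vulnerable client did
end
```

If a deployment genuinely needs the server-supplied address (some NAT setups), the check to add is that it equals the control-connection host, which is what the default above enforces implicitly.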
CVE-2020-25613 | HIGH | CVSS 7.5 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2020
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.
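The request-framing check whose absence the CVE-2020-25613 entry above describes, as an added example (not WEBrick's code). Request smuggling needs a front-end proxy and a back-end that delimit the same body differently, so the back-end should refuse any framing it cannot pin down rather than guess. The header representation (downcased name to array of values) and the sample request are constructed for this example.

```ruby
class FramingError < StandardError; end

# headers: Hash of downcased field name => Array of raw values. Repeated
# fields are kept separately so duplicates and conflicts can be detected.
# Returns :chunked, :content_length or :none, or raises FramingError.
def request_framing(headers)
  te = headers.fetch("transfer-encoding", [])
  cl = headers.fetch("content-length", [])

  # RFC 7230 s3.3.3: a request carrying both is the classic smuggling vector.
  raise FramingError, "both Transfer-Encoding and Content-Length present" if !te.empty? && !cl.empty?

  unless te.empty?
    raise FramingError, "multiple Transfer-Encoding headers" if te.size > 1
    # Only the exact token "chunked" is accepted. Variants such as
    # "chunked, identity", "xchunked" or "chunked\t" are how a proxy and a
    # server are driven to disagree about where the body ends.
    raise FramingError, "unsupported Transfer-Encoding #{te.first.inspect}" unless te.first.strip.downcase == "chunked"
    return :chunked
  end

  unless cl.empty?
    raise FramingError, "conflicting Content-Length values #{cl.inspect}" if cl.uniq.size > 1
    raise FramingError, "malformed Content-Length #{cl.first.inspect}" unless cl.first.match?(/\A\d+\z/)
    return :content_length
  end

  :none
end

# Parse the head of a raw HTTP/1.1 request into the hash above (constructed
# helper; a real server would also validate the request line).
def parse_headers(raw)
  headers = Hash.new { |h, k| h[k] = [] }
  raw.split("\r\n").drop(1).each do |line|
    break if line.empty?
    name, value = line.split(":", 2)
    raise FramingError, "malformed header line #{line.inspect}" if value.nil?
    headers[name.strip.downcase] << value.strip
  end
  headers
end

if __FILE__ == $PROGRAM_NAME
  # Constructed smuggling attempt: CL says 4 bytes, TE says chunked.
  smuggle = "POST / HTTP/1.1\r\nHost: app\r\nContent-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n"
  begin
    request_framing(parse_headers(smuggle))
  rescue FramingError => e
    puts "rejected: #{e.message}"
  end
end
```

The same strictness belongs on the proxy side; the entry's wording ("which also has a poor header check") is a reminder that the bug is only exploitable when both hops are lenient in different ways.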
CVE-2019-16255 | HIGH | CVSS 8.1 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2019
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
Scope: local
bookworm: resolved (fixed in 9.3.9.0+ds-1)
forky: resolved (fixed in 9.3.9.0+ds-1)
sid: resolve
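The injection pattern in the CVE-2019-16255 entry above, beside a hardened form. This is an added example, not lib/shell.rb itself: unsafe_test is a constructed reduction of the bug (the caller's string is forwarded to a method call on FileTest, so "system", "exec" and friends are all reachable), and safe_test and its ALLOWED_TESTS table are the illustrative fix, where untrusted input is only ever a key into a closed table.

```ruby
# VULNERABLE (constructed to mirror the bug, do not use): the command string
# names the method. FileTest is an ordinary object, so Kernel#system,
# #exec, #eval and every other private method are reachable through __send__.
def unsafe_test(command, *args)
  FileTest.__send__(command.to_sym, *args)
end

# HARDENED: only these test names are accepted, and each maps to a fixed
# FileTest predicate. Single-letter forms mirror the Shell#[] shorthand.
ALLOWED_TESTS = {
  "exist?" => :exist?,         "e" => :exist?,
  "file?" => :file?,           "f" => :file?,
  "directory?" => :directory?, "d" => :directory?,
  "readable?" => :readable?,   "r" => :readable?,
  "writable?" => :writable?,   "w" => :writable?,
  "size" => :size,             "s" => :size,
}.freeze

def safe_test(command, *args)
  method_name = ALLOWED_TESTS.fetch(command.to_s) do
    raise ArgumentError, "unknown file test #{command.inspect}"
  end
  # public_send on a fixed symbol: the attacker can choose which *allowed*
  # predicate runs, never an arbitrary method.
  FileTest.public_send(method_name, *args)
end

if __FILE__ == $PROGRAM_NAME
  p safe_test("d", Dir.pwd)          # true
  p safe_test("f", Dir.pwd)          # false
  begin
    safe_test("system", "id")        # would run `id` through unsafe_test
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

The general rule this illustrates: when user input selects behaviour, dispatch through an explicit allowlist (a Hash or case statement) rather than send, public_send or Object#method on the raw string, and treat the allowlist as the security boundary.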
CVE-2019-8324 | HIGH | CVSS 8.8 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
Scope: local
bookworm: resolved (fixed in 9.1.17.0-3)
forky: resolved (fixed in 9.1.17
CVE-2019-8322 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
Scope: local
bookworm: resolved (fixed in 9.1.17.0-3)
forky: resolved (fixed in 9.1.17.0-3)
sid: resolved (fixed in 9.1.17.0-3)
trixie: resolved (fi
CVE-2019-8323 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
Scope: local
bookworm: resolved (fixed in 9.1.17.0-3)
forky: resolved (fixed in 9.1.17.0-3)
sid: resolved (fixed in 9.1.17.0-3)
trixie
CVE-2019-8320 | HIGH | CVSS 7.4 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could
CVE-2019-8325 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
Scope: local
bookworm: resolved (fixed in 9.1.17.0-3)
forky: resolved (fixed in 9.1.17.0-3)
sid: resolved (fixed in 9.1.17.0-3)
trixie: resolved (fixed in 9.1.17
CVE-2019-16201 | HIGH | CVSS 7.5 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2019
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network.
Scope: local
bookworm: resolved (fixed in 9.3.9.0+ds-1)
forky: resolved (fixed in 9.3.9.0+ds-1)
sid
CVE-2019-8321 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-3 (bookworm) | 2019
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.
Scope: local
bookworm: resolved (fixed in 9.1.17.0-3)
forky: resolved (fixed in 9.1.17.0-3)
sid: resolved (fixed in 9.1.17.0-3)
trixie: resolved (fixed in 9.1.17.0-3)
CVE-2019-16254 | MEDIUM | CVSS 5.3 | fixed in jruby 9.3.9.0+ds-1 (bookworm) | 2019
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-177
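Two groups of entries above share one root cause, untrusted bytes copied into a context where control characters are commands: the RubyGems escape-sequence injections (CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8325, where text from the gem server is echoed to the user's terminal) and the WEBrick response splitting (CVE-2019-16254, where CR/LF in a header value starts a new header). The helpers below are an added example, not RubyGems' or WEBrick's code; the function names and the sample inputs are constructed.

```ruby
# Terminal output: show C0 controls, DEL and the C1 range as visible escapes
# so a hostile API response cannot clear the screen, move the cursor, set the
# window title or hide text behind colour codes. Tab and newline are kept.
def escape_for_terminal(text)
  text.to_s.gsub(/[\x00-\x08\x0b-\x1f\x7f\u0080-\u009f]/) do |ch|
    format("\\x%02X", ch.ord)
  end
end

class HeaderInjection < StandardError; end

# Header output: a field value may never contain CR or LF (that is exactly
# what splits a header and lets the attacker append their own). Reject rather
# than silently strip, so the caller learns about the bug. Other control
# characters are rejected as well; RFC 7230 forbids them in field values
# except for horizontal tab.
def assert_header_value(value)
  v = value.to_s
  raise HeaderInjection, "CR/LF in header value #{v.inspect}" if v.match?(/[\r\n]/)
  raise HeaderInjection, "control character in header value #{v.inspect}" if v.match?(/[\x00-\x08\x0a-\x1f\x7f]/)
  v
end

# Serialise a name => value hash as an HTTP header block, refusing injection.
def build_headers(hash)
  hash.map { |name, value| "#{name}: #{assert_header_value(value)}\r\n" }.join
end

if __FILE__ == $PROGRAM_NAME
  # Constructed hostile inputs: a server message carrying clear-screen and
  # title-setting sequences, and a redirect target carrying a second header.
  hostile_api_text = "gem pushed \e[2J\e[H\e]0;owned\a"
  puts escape_for_terminal(hostile_api_text)
  begin
    build_headers("Location" => "/ok\r\nSet-Cookie: admin=1")
  rescue HeaderInjection => e
    puts "rejected: #{e.message}"
  end
end
```

For the terminal case the choice between escaping (as here) and stripping is a usability one; for the header case there is no safe transformation of an attacker-controlled CR/LF, so refusing is the right default.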
CVE-2019-15845 | LOW (detail view: MEDIUM) | CVSS 6.5 | 2019
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
Scope: local
bookworm: resolved
forky: resolved
sid: resolved
trixie: resolved
CVE-2018-1000076 | CRITICAL | CVSS 9.8 | fixed in jruby 9.1.17.0-1 (bookworm) | 2018
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains an Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in a mis-signed gem being installed, as the tarball would contai
CVE-2018-1000075 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-1 (bookworm) | 2018
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains an infinite loop caused by a negative size in the gem package tar header: a negative size field could cause the reader to loop forever. This vulnerabil
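The header field at the heart of the CVE-2018-1000075 entry above, parsed defensively. This is an added example, not RubyGems' tar reader: make_header is a constructed helper that produces sample input, and MAX_ENTRY_SIZE is an arbitrary bound chosen for the example. In a ustar header the size lives at offset 124 as 12 bytes of NUL- or space-terminated octal; Ruby's String#oct accepts a leading sign, so a field such as "-1" parses to -1 unless something rejects it, and a reader that advances by that size never progresses.

```ruby
class TarHeaderError < StandardError; end

# Upper bound on a single entry; an arbitrary sanity limit for this example.
MAX_ENTRY_SIZE = 8 * 1024**3

# Build a 512-byte header with only the size field populated (constructed
# helper for sample input; real headers also carry name, mode, checksum, ...).
def make_header(size_field)
  raise ArgumentError, "size field is at most 12 bytes" if size_field.bytesize > 12
  ("x" * 124) + size_field.ljust(12, "\0") + ("\0" * 376)
end

# Extract the entry size from a header, or raise. Only [0-7] digits followed
# by NUL/space padding are accepted, so a sign, hex digits or garbage fail
# loudly instead of becoming a negative or absurd size.
def tar_entry_size(header)
  raise TarHeaderError, "header must be 512 bytes" unless header.bytesize == 512
  field = header.byteslice(124, 12)
  # GNU base-256 encoding sets the high bit of the first byte; not supported here.
  raise TarHeaderError, "binary size field not supported" if (field.getbyte(0) & 0x80) != 0
  digits = field.sub(/[\x00 ]+\z/, "")
  raise TarHeaderError, "non-octal size field #{digits.inspect}" unless digits.match?(/\A[0-7]+\z/)
  size = digits.to_i(8)
  raise TarHeaderError, "entry size #{size} exceeds limit" if size > MAX_ENTRY_SIZE
  size
end

# Number of 512-byte data blocks a reader must copy or skip for +size+ bytes.
# With a validated non-negative size this is the loop bound the bug lacked.
def tar_entry_blocks(size)
  (size + 511) / 512
end

if __FILE__ == $PROGRAM_NAME
  p tar_entry_size(make_header("00000001750\0"))          # 1000 bytes, 2 blocks
  begin
    tar_entry_size(make_header("-0000000001\0"))          # constructed hostile header
  rescue TarHeaderError => e
    puts "rejected: #{e.message}"
  end
end
```

The same discipline (parse into a bounded, non-negative integer before using it as a loop count or allocation size) applies to every length field in the gem format, not just this one.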
CVE-2018-1000073 | HIGH | CVSS 7.5 | fixed in jruby 9.1.17.0-2.1 (bookworm) | 2018
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the ro
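A destination check covering two entries above, CVE-2019-8320 and CVE-2018-1000073, both of which let a gem reach outside its install directory through ".." components or a symlink planted inside the destination. This is an added example, not RubyGems' install_location: the function name, the error class and the test layout are constructed. The idea is to resolve the deepest already-existing ancestor of the target with File.realpath, so a symlink anywhere on the path shows where the write would really land, and then to insist the result stays under the real base directory.

```ruby
require "tmpdir"
require "fileutils"

class UnsafeInstallPath < StandardError; end

# Return the absolute, symlink-resolved destination for +relative+ inside
# +basedir+, or raise UnsafeInstallPath if it would land anywhere else.
def safe_install_location(relative, basedir)
  raise UnsafeInstallPath, "NUL byte in path #{relative.inspect}" if relative.include?("\0")
  base_real = File.realpath(basedir)
  candidate = File.expand_path(relative, base_real)   # normalises "..", handles absolute paths

  # Walk up to the deepest component that already exists (or is a symlink,
  # dangling or not) so realpath can expose where it really points.
  existing = candidate
  until File.exist?(existing) || File.symlink?(existing) || File.dirname(existing) == existing
    existing = File.dirname(existing)
  end
  real_existing = begin
    File.realpath(existing)
  rescue SystemCallError
    raise UnsafeInstallPath, "dangling symlink on the way to #{relative.inspect}"
  end
  resolved = File.expand_path(File.join(real_existing, candidate[existing.length..-1]))

  unless resolved == base_real || resolved.start_with?("#{base_real}/")
    raise UnsafeInstallPath, "#{relative.inspect} resolves to #{resolved}, outside #{base_real}"
  end
  resolved
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |base|
    outside = Dir.mktmpdir                          # constructed: a directory the gem must not reach
    File.symlink(outside, File.join(base, "lib"))   # constructed: symlink planted inside the install dir
    puts safe_install_location("bin/tool", base)
    ["../../etc/passwd", "lib/evil.rb", "/etc/passwd"].each do |rel|
      begin
        safe_install_location(rel, base)
      rescue UnsafeInstallPath => e
        puts "rejected: #{e.message}"
      end
    end
    FileUtils.rm_rf(outside)
  end
end
```

Note the order of operations: the check runs before anything is created or deleted at the target. CVE-2019-8320 was a delete-then-check sequence, which this ordering rules out, and the realpath step is what turns a plain prefix check into one that survives symlinks.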
CVE-2018-1000074 | HIGH | CVSS 7.8 | fixed in jruby 9.1.17.0-1 (bookworm) | 2018
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in the owner command that can result in code execution. This attack appears to be exploitable via victim must run the `ge