Search for packages
| purl | pkg:apk/alpine/ruby@2.4.2-r0?arch=armhf&distroversion=v3.11&reponame=main |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-91b7-xx8t-rqhr | Improper Authentication The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name. |
CVE-2017-10784
GHSA-369m-2gv6-mw28 |
| VCID-b36p-re17-n7dq | Improper Input Validation RubyGems is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command. |
CVE-2017-0900
GHSA-p7f2-rr42-m9xm |
| VCID-fapg-pt6b-rfb2 | Improper Restriction of Operations within the Bounds of a Memory Buffer The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string. |
CVE-2017-14033
GHSA-v6rp-3r3v-hf4p |
| VCID-jmzh-89dm-r7g2 | Origin Validation Error RubyGems is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls. |
CVE-2017-0902
GHSA-73w7-6w9g-gc8w |
| VCID-xgsa-5umz-qffr | Code Injection RubyGems is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. |
CVE-2017-0899
GHSA-7gcp-2gmq-w3xh |
| VCID-xkd6-jvma-skfk | Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. |
CVE-2017-14064
GHSA-954h-8gv7-2q75 |
| VCID-xz68-vwz2-2ke4 | Improper Input Validation RubyGems fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem. |
CVE-2017-0901
GHSA-pm9x-4392-2c2p |
| VCID-zybm-uuxu-67gh | Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. |
CVE-2017-0898
GHSA-wvmx-3rv2-5jgf |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-06T04:53:04.218290+00:00 | Alpine Linux Importer | Fixing | VCID-xgsa-5umz-qffr | https://secdb.alpinelinux.org/v3.11/main.json | 38.1.0 |
| 2026-04-03T17:47:26.057416+00:00 | Alpine Linux Importer | Fixing | VCID-fapg-pt6b-rfb2 | https://secdb.alpinelinux.org/v3.11/main.json | 38.1.0 |
| 2026-04-01T19:16:26.874694+00:00 | Alpine Linux Importer | Fixing | VCID-zybm-uuxu-67gh | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |
| 2026-04-01T19:11:39.265429+00:00 | Alpine Linux Importer | Fixing | VCID-91b7-xx8t-rqhr | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |
| 2026-04-01T19:04:30.426550+00:00 | Alpine Linux Importer | Fixing | VCID-xkd6-jvma-skfk | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |
| 2026-04-01T19:02:18.285320+00:00 | Alpine Linux Importer | Fixing | VCID-jmzh-89dm-r7g2 | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |
| 2026-04-01T18:55:32.354098+00:00 | Alpine Linux Importer | Fixing | VCID-xz68-vwz2-2ke4 | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |
| 2026-04-01T18:50:21.430211+00:00 | Alpine Linux Importer | Fixing | VCID-b36p-re17-n7dq | https://secdb.alpinelinux.org/v3.11/main.json | 38.0.0 |