VulnerableCode Package Details - pkg:gem/rdoc@6.1.0.beta2

Search for packages

Vulnerability	Summary	Fixed by
VCID-3s9f-prpy-hbcx Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq	Cross-site Scripting The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`	6.1.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-a1z8-2fdu-1uhd Aliases: CVE-2021-31799 GHSA-ggxm-pgc9-g7fp	Arbitrary Code Execution in Rdoc In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via \| and tags in a filename.	6.1.2.1 Affected by 0 other vulnerabilities. 6.2.1.1 Affected by 0 other vulnerabilities. 6.3.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3s9f-prpy-hbcx
Aliases:
CVE-2019-11358
GHSA-6c3j-c64m-qhgq

Cross-site Scripting The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`

6.1.2
Affected by 1 other vulnerability.

VCID-a1z8-2fdu-1uhd
Aliases:
CVE-2021-31799
GHSA-ggxm-pgc9-g7fp

Arbitrary Code Execution in Rdoc In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.

6.1.2.1
Affected by 0 other vulnerabilities.

6.2.1.1
Affected by 0 other vulnerabilities.

6.3.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:30:31.929088+00:00	GitLab Importer	Affected by	VCID-a1z8-2fdu-1uhd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2021-31799.yml	38.4.0
2026-04-16T20:53:50.999500+00:00	GitLab Importer	Affected by	VCID-3s9f-prpy-hbcx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2019-11358.yml	38.4.0
2026-04-11T22:43:38.814841+00:00	GitLab Importer	Affected by	VCID-a1z8-2fdu-1uhd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2021-31799.yml	38.3.0
2026-04-11T22:04:44.358838+00:00	GitLab Importer	Affected by	VCID-3s9f-prpy-hbcx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2019-11358.yml	38.3.0
2026-04-02T22:53:44.954791+00:00	GitLab Importer	Affected by	VCID-a1z8-2fdu-1uhd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2021-31799.yml	38.1.0
2026-04-02T22:17:40.442707+00:00	GitLab Importer	Affected by	VCID-3s9f-prpy-hbcx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2019-11358.yml	38.1.0
2026-04-01T17:11:58.842675+00:00	GitLab Importer	Affected by	VCID-a1z8-2fdu-1uhd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2021-31799.yml	38.0.0
2026-04-01T16:35:18.621239+00:00	GitLab Importer	Affected by	VCID-3s9f-prpy-hbcx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2019-11358.yml	38.0.0