VulnerableCode Package Details - pkg:maven/org.jruby/jruby-stdlib@1.7.11

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.jruby/jruby-stdlib@1.7.11

Essentials
History (21)

purl	pkg:maven/org.jruby/jruby-stdlib@1.7.11

Next non-vulnerable version	9.1.16.0
Latest non-vulnerable version	9.1.16.0
Risk	4.5

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-8d7n-bfhu-dkfd Aliases: CVE-2018-1000075 GHSA-74pv-v9gh-h25p	Loop with Unreachable Exit Condition (Infinite Loop) RubyGems contains an infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-8hm4-c4w4-gfen Aliases: CVE-2018-1000078 GHSA-87qx-g5wg-mwmj	Cross-site Scripting RubyGems contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appears to be exploitable by the victim browsing to a malicious gem on a vulnerable gem server.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-9t45-d5mf-3uar Aliases: CVE-2018-1000079 GHSA-8qxg-mff5-j3wc	Path Traversal RubyGems contains a Directory Traversal vulnerability in gem installation that can result in the gem being able to write to arbitrary filesystem locations during installation. This attack appears to be exploitable by a victim installing a malicious gem.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-af1f-xwwy-jfa8 Aliases: CVE-2018-1000074 GHSA-qj2w-mw2r-pv39	RubyGems contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appears to be exploitable when the victim runs the `gem owner` command on a gem with a specially crafted YAML file.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-mamm-cvdr-subf Aliases: CVE-2018-1000077 GHSA-gv86-43rv-79m2	RubyGems contains an Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem being able to set an invalid homepage URL.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-tq93-h2ag-s3bx Aliases: CVE-2018-1000073 GHSA-gx69-6cp4-hxrj	Path Traversal RubyGems contains a Directory Traversal vulnerability in install_location function of `package.rb` that can result in path traversal when writing to a symlinked basedir outside the root.	9.1.16.0 Affected by 0 other vulnerabilities.
VCID-w4ns-f42m-pyec Aliases: CVE-2018-1000076 GHSA-mc6j-h948-v2p6	RubyGems contains an Improper Verification of Cryptographic Signature vulnerability in `package.rb` that can result in a mis-signed gem being installed, as the tarball would contain multiple gem signatures.	9.1.16.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-11T23:07:53.946768+00:00	GitLab Importer	Affected by	VCID-9t45-d5mf-3uar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000079.yml	38.3.0
2026-04-11T23:07:30.505990+00:00	GitLab Importer	Affected by	VCID-8hm4-c4w4-gfen	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000078.yml	38.3.0
2026-04-11T23:07:24.892671+00:00	GitLab Importer	Affected by	VCID-mamm-cvdr-subf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000077.yml	38.3.0
2026-04-11T23:07:16.713983+00:00	GitLab Importer	Affected by	VCID-af1f-xwwy-jfa8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000074.yml	38.3.0
2026-04-11T23:07:13.749307+00:00	GitLab Importer	Affected by	VCID-w4ns-f42m-pyec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000076.yml	38.3.0
2026-04-11T23:05:01.327952+00:00	GitLab Importer	Affected by	VCID-8d7n-bfhu-dkfd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000075.yml	38.3.0
2026-04-11T23:04:08.136178+00:00	GitLab Importer	Affected by	VCID-tq93-h2ag-s3bx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000073.yml	38.3.0
2026-04-02T23:16:19.371593+00:00	GitLab Importer	Affected by	VCID-9t45-d5mf-3uar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000079.yml	38.1.0
2026-04-02T23:15:48.254746+00:00	GitLab Importer	Affected by	VCID-8hm4-c4w4-gfen	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000078.yml	38.1.0
2026-04-02T23:15:39.918952+00:00	GitLab Importer	Affected by	VCID-mamm-cvdr-subf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000077.yml	38.1.0
2026-04-02T23:15:29.197408+00:00	GitLab Importer	Affected by	VCID-af1f-xwwy-jfa8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000074.yml	38.1.0
2026-04-02T23:15:24.631593+00:00	GitLab Importer	Affected by	VCID-w4ns-f42m-pyec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000076.yml	38.1.0
2026-04-02T23:13:17.898235+00:00	GitLab Importer	Affected by	VCID-8d7n-bfhu-dkfd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000075.yml	38.1.0
2026-04-02T23:12:29.787122+00:00	GitLab Importer	Affected by	VCID-tq93-h2ag-s3bx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000073.yml	38.1.0
2026-04-01T17:36:24.580020+00:00	GitLab Importer	Affected by	VCID-9t45-d5mf-3uar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000079.yml	38.0.0
2026-04-01T17:35:51.367351+00:00	GitLab Importer	Affected by	VCID-8hm4-c4w4-gfen	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000078.yml	38.0.0
2026-04-01T17:35:42.356384+00:00	GitLab Importer	Affected by	VCID-mamm-cvdr-subf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000077.yml	38.0.0
2026-04-01T17:35:30.751011+00:00	GitLab Importer	Affected by	VCID-af1f-xwwy-jfa8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000074.yml	38.0.0
2026-04-01T17:35:25.946276+00:00	GitLab Importer	Affected by	VCID-w4ns-f42m-pyec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000076.yml	38.0.0
2026-04-01T17:33:16.060295+00:00	GitLab Importer	Affected by	VCID-8d7n-bfhu-dkfd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000075.yml	38.0.0
2026-04-01T17:32:25.166448+00:00	GitLab Importer	Affected by	VCID-tq93-h2ag-s3bx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jruby/jruby-stdlib/CVE-2018-1000073.yml	38.0.0