QID 357267
Date Published: 2024-03-05
QID 357267: Amazon Linux Security Advisory for ruby : ALAS2-2024-2486
A flaw was discovered in Ruby in the way certain functions handled strings containing NUL bytes. Specifically, the built-in method File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NUL byte. A remote attacker could exploit this flaw to make a Ruby script access unexpected files and to bypass intended file system access restrictions. (CVE-2019-15845)

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression denial of service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network. (CVE-2019-16201)

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP response splitting. If a program using WEBrick inserts untrusted input into a response header, an attacker can exploit it to insert a newline character to split the header and inject malicious content to deceive clients. Note: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector but did not address an isolated CR or an isolated LF. (CVE-2019-16254)

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method. (CVE-2019-16255)

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the cgi gem through 0.3.0 for Ruby. (CVE-2021-41819)
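The following is an added example, not text or code from the advisory, from Ruby, or from WEBrick. It shows the application-side checks that the fixes for CVE-2019-16254 (response splitting via an isolated CR or LF) and CVE-2019-15845 (NUL byte in a File.fnmatch pattern) correspond to: a CRLF-only header check beside one that rejects any CR or LF, a lenient client-side header parse that shows why the bare-LF case matters, and a wrapper that refuses NUL bytes before a pattern reaches File.fnmatch?. The function names (header_value_safe?, build_response, lenient_header_names, safe_fnmatch?) and the sample inputs are this example's own.

```ruby
# Added example: application-side checks that mirror what the Ruby fixes for
# CVE-2019-16254 and CVE-2019-15845 had to enforce. Function names and the
# sample inputs are this example's own, not Ruby's or WEBrick's API.

# What the earlier CVE-2017-17742 fix looked for: the CRLF pair only.
CRLF_ONLY = /\r\n/
# What CVE-2019-16254 required: any carriage return or line feed, paired or not.
ANY_CR_OR_LF = /[\r\n]/

# True when a header value contains no line terminator per the given pattern.
def header_value_safe?(value, pattern: ANY_CR_OR_LF)
  !value.match?(pattern)
end

# Assemble a raw HTTP/1.1 response. Each header value is checked with
# `pattern` before it is written, so `pattern: CRLF_ONLY` reproduces the
# incomplete check and the default ANY_CR_OR_LF reproduces the corrected one.
def build_response(status, headers, body, pattern: ANY_CR_OR_LF)
  lines = ["HTTP/1.1 #{status}"]
  headers.each do |name, value|
    unless header_value_safe?(value, pattern: pattern)
      raise ArgumentError, "line terminator in #{name} header value"
    end
    lines << "#{name}: #{value}"
  end
  lines << "Content-Length: #{body.bytesize}"
  lines.join("\r\n") + "\r\n\r\n" + body
end

# Parse the response head the way a lenient client does: RFC 7230 lets a
# recipient treat a bare LF as a line terminator, and many clients also
# accept a bare CR. Returns the header names the client would see.
def lenient_header_names(raw)
  head, _body = raw.split("\r\n\r\n", 2)
  _status, *header_lines = head.split(/\r\n|\r|\n/)
  header_lines.map { |l| l.split(":", 2).first.strip }
end

# CVE-2019-15845: File.fnmatch did not reject a NUL byte in the pattern, so the
# pattern the C implementation matched against was not the pattern the script
# passed. Patched Rubies raise ArgumentError; this wrapper does the same on any
# version, before the pattern reaches the C code.
def safe_fnmatch?(pattern, path, flags = 0)
  raise ArgumentError, "NUL byte in fnmatch pattern" if pattern.include?("\0")
  File.fnmatch?(pattern, path, flags)
end

if __FILE__ == $0
  # Constructed attacker input: a redirect target carrying a bare LF, which
  # the CRLF-only check accepts and a lenient client splits into a new header.
  evil = "/home\nSet-Cookie: session=attacker"
  raw = build_response("302 Found", { "Location" => evil }, "", pattern: CRLF_ONLY)
  p lenient_header_names(raw)   # ["Location", "Set-Cookie", "Content-Length"]
  begin
    build_response("302 Found", { "Location" => evil }, "")
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

The lenient parser is the reason the CRLF-only check was insufficient: the server emits one Location line, but a client that honours a bare LF sees an injected Set-Cookie header. Rejecting any CR or LF at the point the header is written closes both the paired and the isolated forms.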
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of these vulnerabilities could lead to a security breach or could affect integrity, availability, and confidentiality.
- ALAS2-2024-2486 - alas.aws.amazon.com/AL2/ALAS-2024-2486.html
CVEs related to QID 357267
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2-2024-2486 | amazon linux 2 | ruby | alas.aws.amazon.com/AL2/ALAS-2024-2486.html |