Known Vulnerabilities for products from Rubyzip Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Rubyzip Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-16892 json | In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompres... | 5.5 - MEDIUM | 2019-09-25 | 2023-12-28 |
| CVE-2018-1000544 json | rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can re... | 9.8 - CRITICAL | 2018-06-26 | 2020-08-24 |
| CVE-2017-5946 json | The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows up... | 9.8 - CRITICAL | 2017-02-27 | 2020-05-14 |
Known software with vulnerabilities from Rubyzip Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Rubyzip Project | Rubyzip | - |