Evan Phoenix

3 exploits Active since Aug 2015
CVE-2017-0899 WRITEUP CRITICAL WRITEUP
RubyGems < 2.6.13 - Terminal Escape Sequence Injection via Gem Specification
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
CVSS 9.8
CVE-2020-11076 WRITEUP HIGH WRITEUP
Puma 3.0.0-3.12.5 and 4.0.0-4.3.3 - HTTP Request Smuggling via Invalid Transfer-Encoding Header
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
CVSS 7.5
CVE-2015-4020 WRITEUP WRITEUP
Oracle Solaris < 2.0.17 - Improper Input Validation
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900.