CVE-2025-46551
- EPSS 0.16%
- Veröffentlicht 07.05.2025 16:12:23
- Zuletzt bearbeitet 21.10.2025 15:36:54
JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to ...
- EPSS 2.25%
- Veröffentlicht 28.11.2012 13:03:10
- Zuletzt bearbeitet 16.06.2026 23:46:44
JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a h...
CVE-2010-1330
- EPSS 2.22%
- Veröffentlicht 23.11.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:18:08
The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.
- EPSS 4.36%
- Veröffentlicht 30.12.2011 01:55:01
- Zuletzt bearbeitet 16.06.2026 23:35:29
JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintai...