📦

rdoc

Vendor: ruby-lang

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 1.51% Exploit Prob.

Latest CVE CVE-2021-31799 Jul 30

Security Vulnerability Index

Page 1 / 1

7.0 CVSS

CVE-2021-31799

RCE

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.

EPSS: 0.35%

Severity: HIGH

Jul 30, 2021

4.3 CVSS

CVE-2013-0256

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

EPSS: 2.67%

Severity: MEDIUM

Mar 01, 2013

Displaying 2 of 3 Total Entries

Total 1 Sections