VYPR

Rdoc

by Ruby Lang

gem: rdoc

Source repositories

CVEs (2)

  • CVE-2024-27281MedMay 14, 2024
    risk 0.22cvss 4.5epss 0.02

    An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the…

  • CVE-2013-0256Mar 1, 2013
    risk 0.00cvss epss 0.04

    darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.