Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ruby 安全漏洞
Vulnerability Description
Ruby是松本行弘个人开发者的一种跨平台、面向对象的动态类型编程语言。 Ruby 存在安全漏洞。恶意 FTP 服务器可以使用 PASV 响应来欺骗 Net::FTP 连接给定的 IP 地址和端口。
CVSS Information
N/A
Vulnerability Type
N/A