Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623111120245677HistoryMay 06, 2024 - 12:00 a.m.
Debian: Security Advisory (DSA-5677-1)
2024-05-0600:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
7
debian
security advisory
dsa-5677-1
ruby3.1
package
cve-2024-27280
cve-2024-27281
cve-2024-27282
vendorfix
gpl-2.0-only
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.1.1.2024.5677");
script_cve_id("CVE-2024-27280", "CVE-2024-27281", "CVE-2024-27282");
script_tag(name:"creation_date", value:"2024-05-06 04:20:50 +0000 (Mon, 06 May 2024)");
script_version("2024-05-06T05:05:38+0000");
script_tag(name:"last_modification", value:"2024-05-06 05:05:38 +0000 (Mon, 06 May 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_name("Debian: Security Advisory (DSA-5677-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB12");
script_xref(name:"Advisory-ID", value:"DSA-5677-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2024/DSA-5677-1");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'ruby3.1' package(s) announced via the DSA-5677-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"affected", value:"'ruby3.1' package(s) on Debian 12.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB12") {
if(!isnull(res = isdpkgvuln(pkg:"libruby3.1", ver:"3.1.2-7+deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby3.1", ver:"3.1.2-7+deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby3.1-dev", ver:"3.1.2-7+deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby3.1-doc", ver:"3.1.2-7+deb12u1", rls:"DEB12"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
Slackware: Security Advisory (SSA:2024-114-01)
2024-04-24 00:00:00
Fedora: Security Advisory for ruby (FEDORA-2024-14db7b21a2)
2024-05-27 00:00:00
Mageia: Security Advisory (MGASA-2024-0160)
2024-05-09 00:00:00
osv
osv
ruby3.1 - security update
2024-05-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
nessus
nessus
Rocky Linux 9 : ruby:3.3 (RLSA-2024:3671)
2024-06-14 00:00:00
AlmaLinux 8 : ruby:3.3 (ALSA-2024:3670)
2024-06-10 00:00:00
Debian dsa-5677 : libruby3.1 - security update
2024-05-04 00:00:00
almalinux
almalinux
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-06 00:00:00
rocky
rocky
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 14:00:40
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
ruby:3.3 security, bug fix, and enhancement update
2024-06-14 14:00:40
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
oraclelinux
oraclelinux
ruby:3.3 security, bug fix, and enhancement update
2024-06-07 00:00:00
ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-06 00:00:00
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
ubuntu
ubuntu
Ruby vulnerabilities
2024-06-17 00:00:00
cve
cve
cbl_mariner
cbl_mariner
CVE-2024-27282 affecting package ruby for versions less than 3.1.4-5
2024-06-12 22:23:00
CVE-2024-27281 affecting package ruby for versions less than 3.1.4-4
2024-04-17 01:35:34
cvelist
cvelist
freebsd
freebsd
ruby -- Arbitrary memory address read vulnerability with Regex search
2024-04-23 00:00:00
alpinelinux
alpinelinux
debiancve
debiancve
github
github
RDoc RCE vulnerability with .rdoc_options
2024-03-25 19:36:59
StringIO buffer overread vulnerability
2024-03-25 19:36:52
veracode
veracode
Remote Code Execution
2024-03-28 10:48:53
Buffer Over-read
2024-03-29 07:40:04
hackerone
hackerone
nvd
nvd
redhatcve
redhatcve
ubuntucve
ubuntucve
githubexploit
githubexploit
Exploit for CVE-2024-27282
2024-06-12 23:54:03
cgr
cgr
CVE-2024-27280 vulnerabilities
2024-05-19 03:07:16
CVE-2024-27281 vulnerabilities
2024-05-19 03:07:16
vulnrichment
vulnrichment
CVE-2024-27280
1976-01-01 00:00:00
wolfi
wolfi
CVE-2024-27280 vulnerabilities
2024-06-26 09:08:30
CVE-2024-27281 vulnerabilities
2024-06-26 09:08:30
gentoo
gentoo
RDoc: Remote Code Execution
2024-06-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0236
2024-04-01 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0600
2024-04-29 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0259
2024-04-29 00:00:00