14147 matches found

Redos
added 2025/01/21 12:0 a.m., 12 views

ROS-20250121-03

Vulnerability: The content_security_policy function of the Action Pack extension for the Ruby interpreter has a vulnerability related to dynamically set Content-Security-Policy (CSP) headers. Exploitation: The vulnerability could allow ...

CVSS 2.3, AI score 5.9, EPSS 0.0019
Exploits: 0

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14680-1 ruby3.4-rubygem-railties-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-railties-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 5 views

OPENSUSE-SU-2025:14676-1 ruby3.4-rubygem-activerecord-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activerecord-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14671-1 ruby3.4-rubygem-actionpack-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-actionpack-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 7 views

OPENSUSE-SU-2025:14679-1 ruby3.4-rubygem-rails-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rails-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14673-1 ruby3.4-rubygem-actionview-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-actionview-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14677-1 ruby3.4-rubygem-activestorage-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activestorage-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14672-1 ruby3.4-rubygem-actiontext-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-actiontext-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 2

OSV
added 2025/01/21 12:0 a.m., 6 views

OPENSUSE-SU-2025:14675-1 ruby3.4-rubygem-activemodel-8.0-8.0.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activemodel-8.0-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 2.3, AI score 6.2, EPSS 0.0019
Exploits: 0, References: 1

OSV
added 2025/01/17 12:0 a.m., 12 views

DLA-4018-1 ruby2.7 - security update

Bulletin has no description...

CVSS 8.7, AI score 6.5, EPSS 0.08428
Exploits: 1

IBM Security Bulletins
added 2025/01/16 6:33 p.m., 24 views

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to The Bouncy Castle Crypto Package For Java denial of service vulnerability (CVE-2024-29857)

Summary: A potential denial of service vulnerability, CVE-2024-29857, has been identified related to The Bouncy Castle Crypto Package For Java that may affect IBM Watson CP4D Data Stores. This vulnerability has been addressed. Refer to details for additional information. Vulnerability Details...

CVSS 7.5, AI score 6.3, EPSS 0.00252
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/01/16 6:23 p.m., 19 views

Security Bulletin: Vulnerability in Golang Go (CVE-2024-24784) affects IBM Watson CP4D Data Stores

Summary: A potential denial of service vulnerability, CVE-2024-24784, has been identified related to Golang Go that may affect IBM Watson CP4D Data Stores. This vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2024-24784 DESCRIPTION:...

CVSS 7.5, AI score 6.8, EPSS 0.02017
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/01/16 6:18 p.m., 16 views

Security Bulletin: CVE-2023-45288 - HTTP/2 CONTINUATION flood vulnerability affects IBM Watson CP4D Data Stores

Summary: A potential vulnerability, CVE-2023-45288 - HTTP/2 CONTINUATION flood, has been identified that may affect IBM Watson CP4D Data Stores. This vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2023-45288 DESCRIPTION: An attacker ma...

CVSS 7.5, AI score 7, EPSS 0.64852
Exploits: 1, Affected Software: 1

BDU FSTEC
added 2025/01/16 12:0 a.m., 2 views

The vulnerability of the Action Pack framework for the Ruby interpreter allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Action Pack framework’s Ruby interpreter lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10, AI score 6.2, EPSS 0.00832
Exploits: 0, References: 6, Affected Software: 5

OpenVAS
added 2025/01/14 12:0 a.m., 5 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1014)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.7, AI score 7.7, EPSS 0.01645
Exploits: 0, References: 2

OpenVAS
added 2025/01/14 12:0 a.m., 7 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1031)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.7, AI score 7.7, EPSS 0.01645
Exploits: 0, References: 2

OpenVAS
added 2025/01/14 12:0 a.m., 12 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1063)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.8, EPSS 0.08032
Exploits: 0, References: 2

Tenable Nessus
added 2025/01/14 12:0 a.m., 26 views

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2025-1046)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have sam...

CVSS 7.5, AI score 7.2, EPSS 0.08032
Exploits: 0, References: 5

OpenVAS
added 2025/01/14 12:0 a.m., 14 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1046)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.8, EPSS 0.08032
Exploits: 0, References: 2

Tenable Nessus
added 2025/01/13 12:0 a.m., 20 views

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2025-1014)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header an...

CVSS 8.7, AI score 7.6, EPSS 0.01645
Exploits: 0, References: 3