13977 matches found
MAL-2026-1916 Malicious code in freshworks-ruby (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-1915 Malicious code in doctolib (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in freshworks-ruby (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
OpenProject SQL注入漏洞
OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 have a SQL injection vulnerability. This vulnerability arises from custom field names not being properly cleaned in SQL queries, which can allow SQL injection...
ruby4.0-rubygem-sprockets-4.2.1-1.9 on GA media (moderate)
ruby4.0-rubygem-sprockets-4.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10364-1 Rating: moderate Cross-References: CVE-2018-3760 CVSS scores: CVE-2018-3760 SUSE : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one...
ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media (moderate)
ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10367-1 Rating: moderate Cross-References: CVE-2015-3224 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media (moderate)
ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media Announcement ID: openSUSE-SU-2026:10368-1 Rating: moderate Cross-References: CVE-2020-7663 CVSS scores: CVE-2020-7663 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves on...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1621)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ruby4.0-rubygem-rails-8.0-8.0.3-1.3 on GA media (moderate)
ruby4.0-rubygem-rails-8.0-8.0.3-1.3 on GA media Announcement ID: openSUSE-SU-2026:10360-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
ruby4.0-rubygem-multi_xml-0.6.0-1.31 on GA media (moderate)
ruby4.0-rubygem-multixml-0.6.0-1.31 on GA media Announcement ID: openSUSE-SU-2026:10355-1 Rating: moderate Cross-References: CVE-2013-0175 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
ruby4.0-rubygem-minitar-0.9-1.21 on GA media (moderate)
ruby4.0-rubygem-minitar-0.9-1.21 on GA media Announcement ID: openSUSE-SU-2026:10354-1 Rating: moderate Cross-References: CVE-2016-10173 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1593)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ruby4.0-rubygem-rack-3.1.18-1.3 on GA media (moderate)
ruby4.0-rubygem-rack-3.1.18-1.3 on GA media Announcement ID: openSUSE-SU-2026:10358-1 Rating: moderate Cross-References: CVE-2013-0262 CVE-2013-0263 CVE-2015-3225 CVE-2018-16471 CVE-2019-16782 CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 CVE-2023-27530...
ruby4.0-rubygem-rack-session-2.1.1-1.3 on GA media (moderate)
ruby4.0-rubygem-rack-session-2.1.1-1.3 on GA media Announcement ID: openSUSE-SU-2026:10359-1 Rating: moderate Cross-References: CVE-2025-46336 CVSS scores: CVE-2025-46336 SUSE : 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one...
ruby4.0-rubygem-puma-6.4.3-1.5 on GA media (moderate)
ruby4.0-rubygem-puma-6.4.3-1.5 on GA media Announcement ID: openSUSE-SU-2026:10357-1 Rating: moderate Cross-References: CVE-2019-16770 CVE-2020-11076 CVE-2022-23634 CVE-2024-45614 CVSS scores: CVE-2019-16770 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-11076 SUSE : 6.8...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1380)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ruby4.0-rubygem-fluentd-1.17.1-1.5 on GA media (moderate)
ruby4.0-rubygem-fluentd-1.17.1-1.5 on GA media Announcement ID: openSUSE-SU-2026:10346-1 Rating: moderate Cross-References: CVE-2021-41186 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media (moderate)
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10347-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1411)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2026-1411)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fi...