13977 matches found
RockyLinux 8 : ruby:3.3 (RLSA-2025:23062)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23062 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description blo...
AZL-73356 CVE-2025-61594 affecting package ruby for versions less than 3.3.5-7
URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the origin...
AZL-73391 CVE-2025-61594 affecting package ruby for versions less than 3.1.7-4
URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the origin...
GHSA-J4PR-3WM6-XX2R URI Credential Leakage Bypass over CVE-2025-27221
Impact In affected URI version, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential...
URI Credential Leakage Bypass over CVE-2025-27221
Impact In affected URI version, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential...
Mageia: Security Advisory (MGASA-2025-0334)
The remote host is missing an update for the ...
URI Security Vulnerability
URI is a Ruby open source module that provides classes to handle Uniform Resource Identifiers. A security vulnerability exists in URI versions prior to 0.12.5, 0.13.3, and 1.0.4, which stems from the possibility that sensitive information such as passwords in the original URI may be disclosed whe...
Exploit for CVE-2025-27407
PoCCVE-2025-27407 Proof of concept for a remote code executi...
RHSA-2025:23927 Red Hat Security Advisory: ruby security update
Bulletin has no description...
Malicious code in verificator (RubyGems)
MAL-2025-192924 Malicious code in u2f_client (RubyGems)
Malicious code in u2f_client (RubyGems)
Malicious code in test_gem_978483406ebb19126a2e8c001649a4eb (RubyGems)
MAL-2025-192922 Malicious code in stripe-server (RubyGems)
MAL-2025-192921 Malicious code in stripe-rubocop (RubyGems)
Malicious code in stripe-rubocop (RubyGems)
MAL-2025-192919 Malicious code in sq-samsa (RubyGems)
Malicious code in sq-samsa (RubyGems)
MAL-2025-192920 Malicious code in stripe-backup (RubyGems)
Malicious code in stripe-backup (RubyGems)