13977 matches found
Malicious code in chalk-interface (RubyGems)
Malicious code in chalk-sentry (RubyGems)
Malicious code in chalk-henson (RubyGems)
Malicious code in chalk-cli (RubyGems)
MAL-2025-192896 Malicious code in chalk-cli (RubyGems)
Malicious code in activestorage-redundancy (RubyGems)
MAL-2025-192894 Malicious code in activestorage-redundancy (RubyGems)
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess CPU usage and given sufficiently large input this can affect program performance...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 10 : ruby (RHSA-2025:23927)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23927 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
RHSA-2025:23648 Red Hat Security Advisory: ruby:3.3 security update
Bulletin has no description...
libruby3_4-3_4-3.4.8-1.1 on GA media (moderate)
libruby34-34-3.4.8-1.1 on GA media Announcement ID: openSUSE-SU-2025:15828-1 Rating: moderate Cross-References: CVE-2025-58767 CVSS scores: CVE-2025-58767 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-58767 SUSE : 5.1...
EUVD-2025-203943
AWS SDK for Ruby's S3 Encryption Client has a Key Commitment Issue...
GHSA-2XGQ-Q749-89FQ AWS SDK for Ruby's S3 Encryption Client has a Key Commitment Issue
Summary S3 Encryption Client for Ruby is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...
AWS SDK for Ruby's S3 Encryption Client has a Key Commitment Issue
Summary S3 Encryption Client for Ruby is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...
CVE-2025-14762
A flaw was found in the AWS SDK for Ruby, an open-source client-side encryption library. A user with write access to an S3 Simple Storage Service bucket can exploit a missing cryptographic key commitment. This allows the introduction of a new Encrypted Data Key EDK that decrypts to different...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess CPU usage and given sufficiently large input this can affect program performance...
Linux Distros Unpatched Vulnerability : CVE-2025-14762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to differe...
OPENSUSE-SU-2025:15828-1 libruby3_4-3_4-3.4.8-1.1 on GA media
These are all security issues fixed in the libruby34-34-3.4.8-1.1 package on the GA media of openSUSE Tumbleweed...
RHEL 9 : ruby:3.3 (RHSA-2025:23648)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23648 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...