Lucene search
K

45 matches found

OpenVAS
OpenVAS
added 2019/07/22 12:0 a.m.33 views

openSUSE: Security Advisory for ruby-bundled-gems-rpmhelper, ruby2.5 (openSUSE-SU-2019:1771-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.8AI score0.10715EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/07/11 12:0 a.m.40 views

SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues : Changes in ruby2.5 : Update to 2.5.5 and 2.5.4 : https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed :...

9.8CVSS6.9AI score0.10715EPSS
Exploits1References68
Tenable Nessus
Tenable Nessus
added 2019/05/30 12:0 a.m.32 views

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)

According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to...

9.8CVSS7AI score0.10715EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2019/03/18 12:0 a.m.32 views

Photon OS 1.0: Ruby PHSA-2019-1.0-0205

An update of the ruby package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0205. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid122903;...

9.8CVSS7.7AI score0.10715EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/18 12:0 a.m.33 views

Photon OS 2.0: Ruby PHSA-2019-2.0-0130

An update of the ruby package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0130. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid122896;...

9.8CVSS7.7AI score0.10715EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/18 12:0 a.m.25 views

Photon OS 1.0: Rubygem PHSA-2019-1.0-0205

An update of the rubygem package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0205. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.7AI score0.10715EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.29 views

Fedora Update for ruby FEDORA-2018-190ecd2ef8

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/11/29 10:23 a.m.155 views

Important: Red Hat Security Advisory: rh-ruby25-ruby security, bug fix, and enhancement update

An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.8CVSS7.2AI score0.10715EPSS
Exploits0References17
CVE
CVE
added 2018/11/16 6:0 p.m.328 views

CVE-2018-16396

CVE-2018-16396 is a taint propagation issue in Ruby: certain formats used when unpacking tainted strings do not propagate taint correctly. Affected versions are Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. The root cause is that unpacked strings deri...

8.1CVSS7.3AI score0.07968EPSS
Exploits0References16Affected Software1
Debian CVE
Debian CVE
added 2018/11/16 6:0 p.m.29 views

CVE-2018-16396

Removed by vendor...

8.1CVSS8.9AI score0.07968EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/11/06 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-3808-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2018/11/06 12:0 a.m.509 views

USN-3808-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Ruby incorrectly handled certain X.509 certificates. An attacker could possibly use this issue to bypass the certificate check. CVE-2018-16395 It was discovered that Ruby incorrectl...

9.8CVSS8.5AI score0.10715EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/11/05 7:26 p.m.443 views

USN-3808-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain X.509 certificates. An attacker could possibly use this issue to bypass the certificate check. CVE-2018-16395 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS7.2AI score0.10715EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.36 views

Debian DSA-4332-1 : ruby2.3 - security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-16395 Tyler Eckstein reported that the equality check of OpenSSL::X509::Name could return true for non-equal...

9.8CVSS7AI score0.10715EPSS
Exploits0References7
Debian
Debian
added 2018/11/03 10:24 a.m.37 views

[SECURITY] [DSA 4332-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4332-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2018 https://www.debian.org/security/faq -...

7.5CVSS0.10715EPSS
Exploits0
Debian
Debian
added 2018/11/03 10:24 a.m.539 views

[SECURITY] [DSA 4332-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4332-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2018 https://www.debian.org/security/faq -...

9.8CVSS9AI score0.10715EPSS
Exploits0
Debian
Debian
added 2018/10/28 9:37 p.m.451 views

[SECURITY] [DLA 1558-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u6 CVE ID : CVE-2018-16395 CVE-2018-16396 CVE-2018-16395 Fix for OpenSSL::X509::Name equality check. CVE-2018-16396 Tainted flags are not propagated in Arraypack and Stringunpack with some directives. For Debian 8 "Jessie", these problems have been fixed in...

9.8CVSS8.6AI score0.10715EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/10/28 12:0 a.m.37 views

Debian: Security Advisory (DLA-1558-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/10/26 12:0 a.m.26 views

CVE-2018-16396

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats...

8.1CVSS6.8AI score0.07968EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2018/10/17 12:0 a.m.512 views

ruby -- multiple vulnerabilities

Ruby news: CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly An instance of OpenSSL::X509::Name contains entities such as CN, C and so on. Some two instances of OpenSSL::X509::Name are equal only when all entities are exactly equal. However, there is a bug that the equali...

9.8CVSS0.4AI score0.10715EPSS
Exploits0References3
Rows per page
Query Builder