
61 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 16 views

Linux Distros Unpatched Vulnerability : CVE-2020-10663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability...

CVSS 7.5 | AI score 7 | EPSS 0.06629
Exploits 0 | References 3

Tenable Nessus
added 2024/06/03 12:0 a.m. | 18 views

RHEL 7 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygem-json: Unsafe object creation vulnerability in JSON CVE-2020-10663 - ClusterLabs pcs before versio...

CVSS 7.5 | AI score 7.8 | EPSS 0.06629
Exploits 1 | References 4

Tenable Nessus
added 2023/09/07 12:0 a.m. | 40 views

Oracle Linux 8 : pcs (ELSA-2020-5724)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-5724 advisory. 0.10.4-6.0.1.el82.1 - Replace HAM-logo.png with a generic one 0.10.4-6.el82.1 - Fixed running pcs status on remote nodes - Fixed ruby daemon closing connection...

CVSS 7.5 | AI score 7.2 | EPSS 0.06629
Exploits 0 | References 2

OSV
added 2023/08/31 12:13 p.m. | 0 views

BELL-CVE-2020-10663 CVE-2020-10663 does not affect BellSoft software

Bulletin has no description...

CVSS 7.5 | AI score 5.8 | EPSS 0.06629
Exploits 0 | References 1

SUSE CVE
added 2023/02/15 4:0 a.m. | 2 views

SUSE CVE-2020-10663

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsi...

CVSS 8 | AI score 6.9 | EPSS 0.06629
Exploits 0 | References 12

IBM Security Bulletins
added 2023/01/04 6:11 a.m. | 34 views

Security Bulletin: IBM Sterling Global Mailbox vulnerable to security bypass due to Apache Zookeeper (CVE-2020-10663)

Summary IBM Sterling Global Mailbox has addressed a security bypass issue in Apache Zookeeper. Vulnerability Details CVEID:CVE-2020-10663 DESCRIPTION: RubyGems JSON gem for Ruby could allow a remote attacker to bypass security restrictions, caused by improper validation of input by the gem when...

CVSS 7.5 | AI score 7.5 | EPSS 0.06629
Exploits 0 | Affected Software 1

Tenable Nessus
added 2022/09/15 12:0 a.m. | 62 views

RHEL 7 : rh-ruby25-ruby (RHSA-2021:2104)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2104 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 8.1 | AI score 6.8 | EPSS 0.06629
Exploits 2 | References 20

Tenable Nessus
added 2022/02/22 12:0 a.m. | 32 views

RHEL 8 : ruby:2.6 (RHSA-2022:0582)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0582 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 9.3 | AI score 6.8 | EPSS 0.06629
Exploits 7 | References 31

Tenable Nessus
added 2022/02/09 12:0 a.m. | 252 views

Rocky Linux 8 : ruby:2.5 (RLSA-2021:2587)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2587 advisory. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. CVE-2019-15845 -...

CVSS 8.1 | AI score 7.8 | EPSS 0.06629
Exploits 2 | References 19

Tenable Nessus
added 2022/02/09 12:0 a.m. | 39 views

Rocky Linux 8 : pcs (RLSA-2020:2462)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:2462 advisory. - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability...

CVSS 7.5 | AI score 7.2 | EPSS 0.06629
Exploits 0 | References 6

OpenVAS
added 2022/01/28 12:0 a.m. | 19 views

Mageia: Security Advisory (MGASA-2020-0186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 8 | EPSS 0.06629
Exploits 0 | References 5

Tenable Nessus
added 2021/07/02 12:0 a.m. | 66 views

Oracle Linux 8 : ruby:2.5 (ELSA-2021-2587)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2587 advisory. ruby 2.5.9-107 - Update to Ruby 2.5.9. Remove Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch; subsumed Resolves: rhbz1952626 - Resolv::DNS:...

CVSS 8.1 | AI score 6.9 | EPSS 0.06629
Exploits 2 | References 9

RedHat Linux
added 2021/06/29 4:24 p.m. | 69 views

Moderate: Red Hat Security Advisory: ruby:2.5 security, bug fix, and enhancement update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 8.1 | AI score 6.7 | EPSS 0.06629
Exploits 2 | References 11

OSV
added 2021/06/29 1:58 p.m. | 20 views

ALSA-2021:2587 Moderate: ruby:2.5 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.5.9. BZ1952626 Security Fixes: ruby: NUL injection vulnerability of...

CVSS 8.1 | AI score 8.2 | EPSS 0.06629
Exploits 2 | References 9

AlmaLinux
added 2021/06/29 1:58 p.m. | 74 views

Moderate: ruby:2.5 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.5.9. BZ1952626 Security Fixes: ruby: NUL injection vulnerability of...

CVSS 8.1 | AI score 8.1 | EPSS 0.06629
Exploits 2 | References 9

OpenVAS
added 2021/06/09 12:0 a.m. | 29 views

SUSE: Security Advisory (SUSE-SU-2020:0995-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.7 | EPSS 0.06629
Exploits 1 | References 2

RedHat Linux
added 2021/05/26 7:41 a.m. | 95 views

Moderate: Red Hat Security Advisory: rh-ruby25-ruby security, bug fix, and enhancement update

An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 8.1 | AI score 6.7 | EPSS 0.06629
Exploits 2 | References 10

Amazon
added 2021/05/24 12:0 a.m. | 119 views

Medium: ruby

Issue Overview: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, u...

CVSS 7.5 | AI score 7.3 | EPSS 0.13911
Exploits 0

Cloud Foundry
added 2021/04/14 12:0 a.m. | 32 views

USN-4882-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this iss...

CVSS 7.5 | AI score 7.7 | EPSS 0.06629
Exploits 1 | Affected Software 2

OpenVAS
added 2021/03/19 12:0 a.m. | 24 views

Ubuntu: Security Advisory (USN-4882-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.8 | EPSS 0.06629
Exploits 1 | References 2