MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

BELL-CVE-2021-41816 CVE-2021-41816 does not affect BellSoft software

Bulletin has no description...

Moderate: Red Hat Security Advisory: rh-ruby27-ruby security, bug fix, and enhancement update

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

RHEL 7 : rh-ruby27-ruby (RHSA-2022:6856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6856 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

USN-5235-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10...

CVE-2021-41816

CGI.escapehtml in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms such as Windows where sizet and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby...

DEBIAN-CVE-2021-41816

CGI.escapehtml in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms such as Windows where sizet and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby...

CVE-2021-41816

CVE-2021-41816 affects CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3, with an integer overflow leading to a buffer overflow on platforms where size_t and long differ (Windows). The vulnerability also affects the CGI gem up to 0.3.1. Connected advisories confirm affected Ruby 2.7 and 3...

Debian DSA-5067-1 : ruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5067 advisory. Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result in information disclosure or...

[SECURITY] [DSA 5067-1] ruby2.7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5067-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2022 https://www.debian.org/security/faq -...

Mageia: Security Advisory (MGASA-2021-0579)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-41816

A flaw was found in the ruby. This issue occurs due to improper bounds checking by a buffer overrun in CGI.escapehtml. By sending an overly long string using the sizet parameter, a remote attacker could overflow a buffer and execute arbitrary code on the system...