MiracleLinux 7 : ruby-2.0.0.648-39.0.1.el7.AXS7 (AXSA:2024-8934:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8934:03 advisory. CVE-2021-41819: when parsing cookies, only decode the values CVEs: CVE-2021-41819 CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in...

MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

Alibaba Cloud Linux 3 : 0080: ruby:2.7 (ALINUX3-SA-2023:0080)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0080 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33621: The cgi gem before 0.1.0.2...

CLSA-2024-1727115733 ruby: Fix of CVE-2021-41819

CVE-2021-41819: when parsing cookies, only decode the values...

RHEL 7 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...

Medium: ruby

Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...

BELL-CVE-2021-41819 CVE-2021-41819 does not affect BellSoft software

Bulletin has no description...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-1056)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-2588)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: rh-ruby27-ruby security, bug fix, and enhancement update

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

RHEL 7 : rh-ruby27-ruby (RHSA-2022:6856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6856 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-2536)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2022:3292-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3292-1 advisory. - CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem...

SUSE-SU-2022:3292-1 Security update for ruby2.5

This update for ruby2.5 fixes the following issues: - CVE-2021-41819: Fixed cookie prefix spoofing in CGI::Cookie.parse bsc1193081...

ruby:2.7 security, bug fix, and enhancement update

ruby 2.7.6-138 - Upgrade to Ruby 2.7.6. Resolves: rhbz2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods...

Moderate: Red Hat Security Advisory: ruby:2.7 security, bug fix, and enhancement update

An update for the ruby:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RLSA-2022:6450 Moderate: ruby:3.0 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.0.4. BZ2109431 Security Fixes: ruby: Regular expression denial of...

RLSA-2022:6447 Moderate: ruby:2.7 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.7.6. BZ2109424 Security Fixes: ruby: Regular expression denial of...