54 matches found
MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...
MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...
EUVD-2025-41817
Malicious code in sinta-telurtahu70-ruro npm...
Alibaba Cloud Linux 3 : 0080: ruby:2.7 (ALINUX3-SA-2023:0080)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0080 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33621: The cgi gem before 0.1.0.2...
CVE-2024-41817
creationtimestamp| type| source ---|---|--- 2025-03-19 22:00:06+00:00| published-proof-of-concept| Telegram/wSGzmOjLrmEcQmMBXaHVXNxUHoaomU1r4hfeqWwSlXhrWUk 2025-06-21 21:00:05+00:00| published-proof-of-concept| Telegram/wPxuKkvaeObl7wP7fVpj1j1W8mLNT5U7Q8iJzLFoolh0zg 2025-09-12 07:24:53+00:00| see...
Linux Distros Unpatched Vulnerability : CVE-2021-41817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS regular expression Denial of Service via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0....
OESA-2024-2581 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: CVE-2021-41817...
CVE-2024-41817 Arbitrary Code Execution in `AppImage` version `ImageMagick`
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICKCONFIGUREPATH and LDLIBRARYPATH environment variables while executing, which might lead to arbitrary code execution b...
CVE-2024-41817
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICKCONFIGUREPATH and LDLIBRARYPATH environment variables while executing, which might lead to arbitrary code execution b...
CVE-2023-41817
The CVE-2023-41817 case concerns the Motorola Phone Calls application, with an improper export vulnerability that could allow a local attacker to read unauthorized information. The vulnerability is described as a local-exploit, low-severity issue (CVSS v3.1: 2.8, LOW; AV:L/AC:L/PR:L/UI:R/S:U/C:L/...
openSUSE: Security Advisory for ruby2.5 (SUSE-SU-2023:4176-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: ruby
Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...
Amazon Linux 2 : ruby (ALAS-2023-2345)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2345 advisory. A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during...
SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2023:4176-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4176-1 advisory. - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. bsc1209891 - CVE-2023-28756: Fixed an...
SUSE: Security Advisory (SUSE-SU-2023:4176-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: ruby
Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...
K30272432: RubyGems vulnerability CVE-2021-41817
Security Advisory Description Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS regular expression Denial of Service via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. CVE-2021-41817 Impact There is no impact; F5 products are not affected by this vulnerability...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-2588)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: rh-ruby27-ruby security, bug fix, and enhancement update
An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
RHEL 7 : rh-ruby27-ruby (RHSA-2022:6856)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6856 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...