Lucene search
K

87 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Ruby 2.5

A ReDoS vulnerability was discovered in the URI component before 0.12.2 for Ruby. The URI parser improperly handles invalid URLs that contain specific characters. There is an increase in execution time when parsing strings into URI objects using rfc2396parser.rb and rfc3986parser.rb. NOTE: This...

5.3CVSS6.5AI score0.01698EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/04/14 6:1 p.m.5 views

ruby:2.5 security update

An update is available for rubygem-bson, module.rubygem-bundler, rubygem-bundler, rubygem-abrt, module.rubygem-mongo, module.rubygem-pg, rubygem-mysql2, module.rubygem-mysql2, ruby, module.rubygem-abrt, module.rubygem-bson, rubygem-pg, module.ruby, rubygem-mongo. This update affects Rocky Linux 8...

8.8CVSS7AI score0.04127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : ruby-3.0.7-162.el9_4 (AXSA:2024-8427:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8427:02 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS8.3AI score0.02637EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.7 views

TencentOS Server 3: ruby:2.5 (TSSA-2023:0312)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0312 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS8.3AI score0.04127EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1827

Malicious code in bioql PyPI...

5.3CVSS6.2AI score0.01698EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2025/09/05 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7735-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02637EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0080: ruby:2.7 (ALINUX3-SA-2023:0080)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0080 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33621: The cgi gem before 0.1.0.2...

8.8CVSS8.3AI score0.04127EPSS
Exploits3References7
OpenVAS
OpenVAS
added 2025/05/13 12:0 a.m.12 views

Debian: Security Advisory (DLA-4163-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.02796EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.10 views

RockyLinux 8 : ruby:3.0 (RLSA-2024:3500)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3500 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS7.6AI score0.02637EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2023-28755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It...

5.3CVSS6.9AI score0.02637EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/09/03 12:0 a.m.28 views

Debian: Security Advisory (DLA-3858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.04127EPSS
Exploits1References2
Debian
Debian
added 2024/09/02 12:46 p.m.41 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

9.8CVSS8.4AI score0.04127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/02 12:0 a.m.37 views

Debian dla-3858 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...

9.8CVSS8.6AI score0.04127EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2024/07/11 11:55 a.m.6 views

rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This issue may result in a regular expression denial of service ReDoS...

5.3CVSS7.5AI score0.02637EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/11 12:0 a.m.49 views

RHEL 8 : ruby (RHSA-2024:4499)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4499 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.6AI score0.02637EPSS
Exploits1References13
AlmaLinux
AlmaLinux
added 2024/07/11 12:0 a.m.80 views

Moderate: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability...

9.8CVSS7.1AI score0.02637EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2024/06/13 12:0 a.m.27 views

Oracle Linux 9 : ruby (ELSA-2024-3838)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3838 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...

9.8CVSS7.6AI score0.02744EPSS
Exploits1References7
AlmaLinux
AlmaLinux
added 2024/05/30 12:0 a.m.51 views

Moderate: ruby:3.0 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS...

9.8CVSS6.7AI score0.02637EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 7 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...

8.9AI score0.06204EPSS
Exploits11References13
Tenable Nessus
Tenable Nessus
added 2024/05/03 12:0 a.m.23 views

Fedora 39 : ruby (2024-31cac8b8ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-31cac8b8ec advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS7.6AI score0.02637EPSS
Exploits0References6
Rows per page
Query Builder