Lucene search
K

33 matches found

OpenVAS
OpenVAS
added 2025/09/16 12:0 a.m.1 views

Ubuntu: Security Advisory (USN-7747-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.01698EPSS
Exploits0References2
Amazon
Amazon
added 2025/02/05 12:0 a.m.4 views

Medium: ruby3.2

Issue Overview: A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue...

5.3CVSS7.1AI score0.02637EPSS
Exploits0
Amazon
Amazon
added 2025/02/05 12:0 a.m.5 views

Medium: ruby3.2

Issue Overview: A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue...

5.3CVSS7.4AI score0.02637EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.9 views

Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-839)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-839 advisory. A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings...

5.3CVSS7.9AI score0.02637EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/09/03 12:0 a.m.28 views

Debian: Security Advisory (DLA-3858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.04127EPSS
Exploits1References2
Debian
Debian
added 2024/09/02 12:46 p.m.41 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

9.8CVSS8.4AI score0.04127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/02 12:0 a.m.36 views

Debian dla-3858 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...

9.8CVSS8.6AI score0.04127EPSS
Exploits1References18
OSV
OSV
added 2024/07/11 12:0 a.m.29 views

ALSA-2024:4499 Moderate: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability...

9.8CVSS7.2AI score0.02637EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2024/05/03 12:0 a.m.23 views

Fedora 39 : ruby (2024-31cac8b8ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-31cac8b8ec advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS7.6AI score0.02637EPSS
Exploits0References6
OSV
OSV
added 2024/03/27 4:34 a.m.37 views

RLSA-2024:1431 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. Rocky Linux-28565 Security Fixes: ruby/cgi-gem: HTTP response...

8.8CVSS8.1AI score0.02637EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/03/19 12:0 a.m.42 views

RHEL 8 : ruby:3.1 (RHSA-2024:1431)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1431 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.8CVSS7.9AI score0.02637EPSS
Exploits1References11
AlmaLinux
AlmaLinux
added 2024/03/19 12:0 a.m.91 views

Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-28565 Security Fixes: ruby/cgi-gem: HTTP response...

8.8CVSS7.2AI score0.02637EPSS
Exploits1References10
OSV
OSV
added 2024/03/19 12:0 a.m.41 views

ALSA-2024:1431 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-28565 Security Fixes: ruby/cgi-gem: HTTP response...

8.8CVSS8.1AI score0.02637EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.33 views

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2023-2868)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters...

5.3CVSS8AI score0.02637EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.30 views

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2023-2824)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters...

5.3CVSS8AI score0.02637EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2023-2851)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters...

5.3CVSS8AI score0.02637EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2023/09/28 12:0 a.m.34 views

USN-6219-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu...

5.3CVSS7.3AI score0.02637EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2851)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.1AI score0.01698EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2824)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.1AI score0.01698EPSS
Exploits0References2
Hacker One
Hacker One
added 2023/07/17 5:9 a.m.86 views

Internet Bug Bounty: CVE-2023-36617: ReDoS vulnerability in URI (Ruby)

A ReDoS vulnerability was discovered in the URI component of the Ruby uri gem versions 0.12.1 and earlier. The vulnerability allowed for the mishandling of invalid URLs with specific characters, resulting in an increase in execution time for parsing strings to URI objects. This issue was a result...

5.3CVSS7.2AI score0.02637EPSS
Exploits0
Rows per page
Query Builder