12 matches found
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.3: ruby3.3-3.3.10-23.2.hum1 aarch64, x8664 ruby3.3-bundled-gems-3.3.10-23.2.hum1 aarch64, x8664 ruby3.3-default-gems-3.3.10-23.2.hum1 noarch ruby3.3-devel-3.3.10-23.2.hum1 aarch64, x8664...
ruby:2.5 security update
An update is available for module.rubygem-abrt, rubygem-bson, rubygem-mongo, module.rubygem-mysql2, module.rubygem-mongo, module.rubygem-pg, rubygem-mysql2, module.rubygem-bson, rubygem-abrt, rubygem-bundler, rubygem-pg, module.rubygem-bundler. This update affects Rocky Linux 8. A Common...
ruby:3.3 security update
An update is available for module.rubygem-abrt, module.rubygem-mysql2, module.rubygem-pg, rubygem-mysql2, rubygem-abrt, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.4: ruby3.4-3.4.8-31.2.hum1 aarch64, x8664 ruby3.4-bundled-gems-3.4.8-31.2.hum1 aarch64, x8664 ruby3.4-default-gems-3.4.8-31.2.hum1 noarch ruby3.4-devel-3.4.8-31.2.hum1 aarch64, x8664...
Important: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
USN-8431-1 ruby2.3, ruby2.5 vulnerabilities
It was discovered that Ruby's Net::IMAP library did not properly verify that Transport Layer Security TLS encryption was started after issuing a STARTTLS command. A remote attacker could possibly use this issue to perform a machine-in-the-middle attack and silently bypass TLS encryption...
Amazon Linux 2023 : ruby4.0, ruby4.0-bundled-gems, ruby4.0-default-gems (ALAS2023-2026-1806)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1806 advisory. Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause...
Linux Distros Unpatched Vulnerability : CVE-2026-42246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middl...
CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10,...
CVE-2026-42246 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, kube-fluentd-operator, ruby3.3-net-imap, ruby3.3-rails, logstash, ruby3.4-net-imap, ruby3.4-rails, ruby3.2-net-imap, ruby4.0-rails, ruby3.2-rails, ruby4.0-net-imap...
CVE-2026-42246 vulnerabilities
Vulnerabilities for packages: ruby4.0-rails, gitlab-rails-ce-fips, gitlab-rails-ce, kube-logging-operator, kube-fluentd-operator, ruby3.2-rails, ruby3.2-net-imap, logstash-fips, ruby3.3-net-imap, ruby3.4-net-imap, ruby3.4-rails, ruby4.0-net-imap, truffleruby, logstash, ruby3.3-rails...