49 matches found
GHSA-V2FC-QM4H-8HQV vulnerabilities
Vulnerabilities for packages: ruby4.0-rails, kube-logging-operator, ruby3.3-rails, ruby3.2-rails, ruby3.4-rails...
GHSA-VGPV-F759-9WX3 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
GHSA-V6X5-CG8R-VV6X vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
GHSA-V569-HP3G-36WR vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34230 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
GHSA-7MQQ-6CF9-V2QP vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34829 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34826 vulnerabilities
Vulnerabilities for packages: logstash, pact-broker-docker-fips, ruby3.2-rails, gitlab-rails-ce, pact-broker-docker, gitlab-cng, ruby3.4-rails, gitlab-rails-ce-fips...
CVE-2026-34786 vulnerabilities
Vulnerabilities for packages: logstash, pact-broker-docker-fips, ruby3.2-rails, gitlab-rails-ce, pact-broker-docker, gitlab-cng, ruby3.4-rails, gitlab-rails-ce-fips...
GHSA-V6X5-CG8R-VV6X vulnerabilities
Vulnerabilities for packages: pact-broker-docker-fips, pact-broker-docker, ruby3.2-rails, ruby3.4-rails, logstash...
GHSA-CG4J-Q9V8-6V38 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.2-rails, cinc-auditor, ruby3.4-rails, kube-fluentd-operator...
CVE-2025-24293
Active Storage allowed transformation methods potentially unsafe: Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods that allow for the circumvention of the safe defaults, which enables...
Debian: Security Advisory (DLA-4416-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-6090-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-4383-1)
The remote host is missing an update for the Debian...
MAL-2025-19279 Malicious code in ejson-rails (npm)
The package ejson-rails was found to contain malicious code...
Malicious code in measured-rails (npm)
The package measured-rails was found to contain malicious code...
Ubuntu: Security Advisory (USN-7646-1)
The remote host is missing an update for the...
Debian: Security Advisory (DSA-5881-1)
The remote host is missing an update for the Debian...
CVE-2023-38037
ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current umask settings, meaning that it's possible for other users on the same system to read the contents of the temporary file. Attackers that ha...