696 matches found

OSV
added 2025/11/13 11:37 p.m. | 5 views

MGASA-2025-0290 Updated ruby packages fix security vulnerabilities

Net::IMAP vulnerable to possible DoS by memory exhaustion (CVE-2025-25186). In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it...

CVSS 7.5 | AI score 6.8 | EPSS 0.00784
Exploits: 0 | References: 3
RedHat Linux
added 2025/11/11 3:5 p.m. | 7 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.5 | AI score 6.8 | EPSS 0.00848
Exploits: 0 | References: 6
OSV
added 2025/11/06 9:31 p.m. | 7 views

GHSA-9C5Q-W6GR-FXCQ MQTT does not validate hostnames

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack...

CVSS 7.4 | AI score 6.6 | EPSS 0.00313
Exploits: 0 | References: 5
GitHub Security Blog
added 2025/11/06 9:31 p.m. | 7 views

MQTT does not validate hostnames

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack...

CVSS 7.4 | AI score 6.6 | EPSS 0.00313
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2025/11/05 9:0 a.m. | 7 views

RLSA-2025:19719 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830) rack: Rack's unbounded multipart preamble...

CVSS 7.5 | AI score 6.9 | EPSS 0.00848
Exploits: 0 | References: 6
OSV
added 2025/11/04 12:0 a.m. | 7 views

ALSA-2025:19719 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830) rack: Rack's unbounded multipart preamble...

CVSS 7.5 | AI score 6.9 | EPSS 0.00848
Exploits: 0 | References: 12
OSV
added 2025/10/16 12:0 a.m. | 5 views

OPENSUSE-SU-2025:15642-1 ruby3.4-rubygem-rack-2.2-2.2.20-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rack-2.2-2.2.20-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 7.1 | EPSS 0.00591
Exploits: 0 | References: 1
OSV
added 2025/10/10 12:0 a.m. | 6 views

OPENSUSE-SU-2025:15623-1 ruby3.4-rubygem-rack-session-2.1.1-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rack-session-2.1.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 4.2 | AI score 7.3 | EPSS 0.00271
Exploits: 0 | References: 1
OPENSUSE Linux
added 2025/10/10 12:0 a.m. | 8 views

ruby3.4-rubygem-rack-2.2-2.2.19-1.1 on GA media (moderate)

ruby3.4-rubygem-rack-2.2-2.2.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:15621-1 Rating: moderate Cross-References: CVE-2025-61770 CVE-2025-61771 CVE-2025-61772 CVSS scores: CVE-2025-61770 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61770 SUSE : 8.7...

CVSS 8.7 | AI score 7.2 | EPSS 0.00848
Exploits: 0
OSV
added 2025/10/09 12:0 a.m. | 7 views

OPENSUSE-SU-2025:15621-1 ruby3.4-rubygem-rack-2.2-2.2.19-1.1 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rack-2.2-2.2.19-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 6.9 | EPSS 0.00848
Exploits: 0 | References: 3
Tenable Nessus
added 2025/10/08 12:0 a.m. | 7 views

SUSE SLES15 / openSUSE 15 Security Update : rubygem-puma (SUSE-SU-2025:03467-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03467-1 advisory. Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which...

CVSS 9.8 | AI score 6.6 | EPSS 0.00958
Exploits: 0 | References: 10
SUSE Linux
added 2025/10/07 11:33 a.m. | 6 views

Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. CVE-2024-21647: unbounded resource consumpti...

CVSS 7.3 | AI score 6.8 | EPSS 0.00958
Exploits: 0 | References: 12
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-0223

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.0256
Exploits: 0 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-0184

Malware in sbrugna...

CVSS 9.3 | AI score 6.2 | EPSS 0.01605
Exploits: 1 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-0279

Malware in sbrugna...

CVSS 7.5 | AI score 6.3 | EPSS 0.03633
Exploits: 0 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-0187

Malware in sbrugna...

CVSS 7.5 | AI score 6.3 | EPSS 0.02108
Exploits: 0 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 12 views

EUVD-2017-0348

Malware in sbrugna...

CVSS 8.1 | AI score 8 | EPSS 0.02415
Exploits: 0 | References: 8
EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2017-0257

Malware in sbrugna...

CVSS 5.3 | AI score 5.3 | EPSS 0.01565
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-0419

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.00983
Exploits: 1 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 10 views

EUVD-2017-0179

Malware in sbrugna...

CVSS 2.1 | AI score 6.2 | EPSS 0.00378
Exploits: 0 | References: 11