EUVD-2018-0172

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-25613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked th...

Linux Distros Unpatched Vulnerability : CVE-2011-3624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers...

CVE-2024-47220

The CVE-2024-47220 issue affects the WEBrick toolkit in Ruby (through 1.8.1). It enables HTTP request smuggling by sending both Content-Length and Transfer-Encoding in the same request, e.g., a crafted GET line embedded in a POST request. The advisory notes WEBrick should not be used in productio...

SUSE CVE-2007-5162

The connect method in lib/net/http.rb in the 1 Net::HTTP and 2 Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName CN field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions v...

Agoo 安全漏洞

Agoo is a Ruby-based HTTP server from the individual developer Peter Ohler. A security vulnerability exists in Agoo version 2.14.2 and earlier versions, which can be exploited by an attacker to cause an application to crash...

Mageia: Security Advisory (MGASA-2015-0227)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : binutils (EulerOS-SA-2020-1548)

According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using...

Ruby http gem man-in-the-middle attack vulnerability

The Ruby http gem is a standard package for managing Ruby libraries and programs. A man-in-the-middle attack vulnerability exists in Ruby http gem versions prior to 0.7.3, which stems from the program failing to validate the hostname during an SSL connection. A remote attacker could use this...

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

DEBIAN-CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...