OPENSUSE-SU-2024:14471-1 ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media

These are all security issues fixed in the ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:14474-1 ruby3.3-rubygem-puma-6.4.3-1.1 on GA media

These are all security issues fixed in the ruby3.3-rubygem-puma-6.4.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:14472-1 ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 on GA media

These are all security issues fixed in the ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 6 / 7 : rh-ror42-rubygem-actionpack (RHSA-2019:1149)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1149 advisory. Ruby on Rails is a model-view-controller MVC framework for web application development. Action Pack implements the controller and the vi...

RHEL 6 / 7 : rh-ror42-rubygem-sprockets (RHSA-2018:2244)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2244 advisory. Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as...

SUSE: Security Advisory (SUSE-SU-2024:3873-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2024:3877-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3877-1 advisory. - CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller bsc1231729. - CVE-2024-42228: Fixed...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rubygem-bundler (SUSE-SU-2024:3873-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3873-1 advisory. - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Tenable has extracted...

SUSE SLES15 Security Update : rubygem-actionmailer-5_1 (SUSE-SU-2024:3878-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3878-1 advisory. - CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Tenable has extracted the preceding description block...

Security update for rubygem-actionmailer-5_1

This update for rubygem-actionmailer-51 fixes the following issues: CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2024:3878-1 Security update for rubygem-actionmailer-5_1

This update for rubygem-actionmailer-51 fixes the following issues: - CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723...

SUSE-SU-2024:3877-1 Security update for rubygem-actionpack-5_1

This update for rubygem-actionpack-51 fixes the following issues: - CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller bsc1231729. - CVE-2024-42228: Fixed uninitialized value size when calling amdgpuvcecsreloc bsc1228667...

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

SUSE-SU-2024:3873-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-puma (SUSE-SU-2024:3644-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3644-1 advisory. - CVE-2024-45614: Prevent underscores from clobbering hyphen headers bsc1230848. - CVE-2024-21647: Fixed DoS when parsing chunked...

openSUSE Security Advisory (SUSE-SU-2024:3644-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: CVE-2024-45614: Prevent underscores from clobbering hyphen headers bsc1230848. CVE-2024-21647: Fixed DoS when parsing chunked Transfer-Encoding bodies bsc1218638. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2024:3644-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2024-45614: Prevent underscores from clobbering hyphen headers bsc1230848. - CVE-2024-21647: Fixed DoS when parsing chunked Transfer-Encoding bodies bsc1218638...

CVE-2024-47889

A flaw was found in the rubygem actionmailer. Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a denial of service. Mitigation Users can avoid calling the blockformat helper or upgrade to Ruby 3.2...

CVE-2024-41128

A flaw was found in rubygem actionpack. Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a denial of service...