2170 matches found
FreeBSD : rubygem-cgi -- HTTP response splitting vulnerability (84ab03b6-6c20-11ed-b519-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 84ab03b6-6c20-11ed-b519-080027f5fec9 advisory. - The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response...
pcs security update
0.11.3-4 - Fixed ruby socket permissions - Resolves: rhbz2116841 0.11.3-3 - Fixed booth ticket mode value case insensitive - Fixed booth sync check whether /etc/booth exists - Resolves: rhbz2026725 rhbz2058243 0.11.3-2 - Fixed 'pcs resource restart' traceback - Resolves: rhbz2102663 0.11.3-1 -...
rubygem-cgi -- HTTP response splitting vulnerability
Hiroshi Tokumaru reports: If an application generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents for a CGI::Cookie object were not checked properly. If an application create...
SUSE-SU-2022:4075-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements bsc1154751...
SUSE SLED15 / SLES15 Security Update : rubygem-nokogiri (SUSE-SU-2022:4016-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4016-1 advisory. - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds...
SUSE SLED15 / SLES15 Security Update : rubygem-nokogiri (SUSE-SU-2022:4015-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4015-1 advisory. - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds...
SUSE: Security Advisory (SUSE-SU-2022:4015-1)
The remote host is missing an update for the...
SUSE-SU-2022:4016-1 Security update for rubygem-nokogiri
This update for rubygem-nokogiri fixes the following issues: - CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in HTML encoding. bsc1198408 - CVE-2022-29181: Fixes Improper Handling of Unexpected Data Types. bsc1199782...
SUSE-SU-2022:4015-1 Security update for rubygem-nokogiri
This update for rubygem-nokogiri fixes the following issues: - CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in HTML encoding. bsc1198408 - CVE-2022-29181: Fixes Improper Handling of Unexpected Data Types. bsc1199782...
Satellite 6.12 Release
An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Rocky Enterprise Software Foundation Satellite is a systems management tool for...
CVE-2022-39379 affecting package rubygem-fluentd for versions less than 1.14.6-2
CVE-2022-39379 affecting package rubygem-fluentd for versions less than 1.14.6-2. A patched version of the package is available...
[SECURITY] Fedora 37 Update: rubygem-pdfkit-0.8.7.2-1.fc37
Create PDFs using plain old HTML+CSS. Uses wkhtmltopdf on the back-end which renders HTML using Webkit...
Scientific Linux Security Update : pcs on SL7.x x86_64 (2022:7343)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:7343-1 advisory. - rubygem-rack: crafted requests can cause shell escape sequences CVE-2022-30123 - jquery: Prototype pollution in object's prototype leading to...
3.1 bug fix and enhancement update
An update is available for rubygem-mysql2, rubygem-pg, rubygem-abrt, ruby. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in...
SUSE-SU-2022:3890-1 Security update for rubygem-nokogiri
This update for rubygem-nokogiri fixes the following issues: - CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in HTML encoding. bsc1198408 - CVE-2022-29181: Fixes Improper Handling of Unexpected Data Types. bsc1199782...
SUSE SLES15 Security Update : rubygem-loofah (SUSE-SU-2022:3868-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3868-1 advisory. - In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...
SUSE-SU-2022:3868-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements bsc1154751...
SUSE-SU-2022:3860-1 Security update for rubygem-actionview-4_2
This update for rubygem-actionview-4_2 fixes the following issues: - CVE-2022-27777: Fixed cross-site scripting vulnerability in Action View tag helpers bsc1199060...
pcs security update
0.9.169-3.0.1 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.169-3.el73.2 - Update rubygem rack - Upgrade jquery in web-ui - Resolves: rhbz2099578 rhbz2093232 0.9.169-3.el73.1 - Explicitly close libcurl connections to prevent stalled TCP connections in...
Oracle Linux 7 : pcs (ELSA-2022-7343)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7343 advisory. 0.9.169-3.0.1 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.169-3.el73.2 - Update rubygem rack - Upgrade jquery i...