2145 matches found
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for...
RHCOS 2 : rubygems (RHSA-2014:0207)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0207 advisory. - rubygems: version regex algorithmic complexity vulnerability CVE-2013-4287 Note that Nessus has not tested for this issue but has instead...
RHCOS 1 : rubygems (RHSA-2013:1203)
The remote Red Hat Enterprise Linux CoreOS 1 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:1203 advisory. - rubygems: Two security fixes in v1.8.23 CVE-2012-2125, CVE-2012-2126 Note that Nessus has not tested for these issues but has...
Astra Linux - vulnerability in ruby2.5
In the URI gem before version 1.0.3 for Ruby, the URI handling methods URI.join, URI#merge, URI#+ inadvertently allowed authentication credentials to be leaked, as the userinfo was retained even after changing the host...
MAL-2026-2816 Malicious code in monolith-twirp-pullsd-users (RubyGems)
Malicious code in gitlab-orchestrator (RubyGems)
Malicious code in monolith-twirp-pullsd-teams (RubyGems)
Source: ossf-package-analysis b0a21f2e863ad85bc56da074019b5369ed68dc7280d0c81ff65dd8425308c7f6 The OpenSSF Package Analysis project identified 'monolith-twirp-pullsd-teams' @ 1.1.1 rubygems as malicious. It is considered malicious because:...
MAL-2026-2259 Malicious code in monolith-twirp-loops-core (RubyGems)
Source: ossf-package-analysis 8d4a98f58930eb7f736a5c69a6cf5de5b6dd033785255d4d55ae1da5a5866629 The OpenSSF Package Analysis project identified 'monolith-twirp-loops-core' @ 1.0.2 rubygems as malicious. It is considered malicious because: -...
Malicious code in plugin-gem-example (RubyGems)
Malicious code in testcatplzignore (RubyGems)
Malicious code in rubylogger (RubyGems)
MAL-2026-1922 Malicious code in rubylogger (RubyGems)
MAL-2026-1921 Malicious code in resolvrtest (RubyGems)
MAL-2026-1919 Malicious code in rafka-rb (RubyGems)
Malicious code in rafka-rb (RubyGems)
MAL-2026-1918 Malicious code in newlogger (RubyGems)
Malicious code in doctolib (RubyGems)
MAL-2026-1916 Malicious code in freshworks-ruby (RubyGems)
MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in String#unpack...
MiracleLinux 7 : ruby-2.0.0.648-35.0.1.el7.AXS7 (AXSA:2019-3890:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3890:02 advisory. rubygems: Installing a malicious gem may lead to arbitrary code execution CVE-2019-8324 rubygems: Escape sequence injection vulnerability in gem own...