MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in Stringunpack...

MiracleLinux 7 : rh-ruby25-ruby-2.5.3-6.el7 (AXSA:2019-3613:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3613:01 advisory. ruby: OpenSSL::X509::Name equality check does not work correctly CVE-2018-16395 ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by...

Ubuntu 22.04 LTS / 25.04 : RubyGems vulnerabilities (USN-7735-1)

The remote Ubuntu 22.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7735-1 advisory. It was discovered that RubyGems incorrectly handled certain regular expressions. An attacker could use this issue to cause RubyGems to crash,...

[SECURITY] [DLA 4163-1] rubygems security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4163-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro May 12, 2025 https://wiki.debian.org/LTS -...

[slackware-security] ruby

New ruby packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/ruby-2.2.10-i586-1slack14.2.txz: Upgraded. This release includes some bug fixes and some security fixes: HTTP response splitting in...