27 matches found
ruby4.0-rubygem-actioncable-8.0-8.0.3-1.3 on GA media (moderate)
ruby4.0-rubygem-actioncable-8.0-8.0.3-1.3 on GA media Announcement ID: openSUSE-SU-2026:10335-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed i...
OPENSUSE-SU-2026:10335-1 ruby4.0-rubygem-actioncable-8.0-8.0.3-1.3 on GA media
These are all security issues fixed in the ruby4.0-rubygem-actioncable-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
EUVD-2025-2071
Malicious code in bioql PyPI...
Fedora 43 : rubygem-actioncable / rubygem-actionmailbox / rubygem-actionmailer / etc (2025-203b7db566)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-203b7db566 advisory. https://fedoraproject.org/wiki/Changes/RubyonRails8.0 Tenable has extracted the preceding description block directly from the Fedora security...
BIT-GITLAB-2025-1198 Insufficient Session Expiration in GitLab
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
UBUNTU-CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
CVE-2025-1198 Insufficient Session Expiration in GitLab
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
CVE-2025-1198
Removed by vendor...
CVE-2025-1198 Insufficient Session Expiration in GitLab
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
CVE-2025-1198 Insufficient Session Expiration in GitLab
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
GitLab 16.11 < 17.6.5 / 17.7 < 17.7.4 / 17.8 < 17.8.2 (CVE-2025-1198)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allow...
Gitlab -- Vulnerabilities
Gitlab reports: A CSP-bypass XSS in merge-request page Denial of Service due to Unbounded Symbol Creation Exfiltrate content from private issues using Prompt Injection A custom permission may allow overriding Repository settings Internal HTTP header leak via route confusion in workhorse SSRF via...
ruby3.4-rubygem-actioncable-8.0-8.0.1-1.1 on GA media (moderate)
ruby3.4-rubygem-actioncable-8.0-8.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14668-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed i...
OPENSUSE-SU-2024:11818-1 ruby3.1-rubygem-actioncable-6.0-6.0.4.4-1.1 on GA media
These are all security issues fixed in the ruby3.1-rubygem-actioncable-6.0-6.0.4.4-1.1 package on the GA media of openSUSE Tumbleweed...
Fedora: Security Advisory for rubygem-actioncable (FEDORA-2023-4f0bb4ff5e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: rubygem-actioncable-7.0.7.2-1.fc39
Structure many real-time application concerns into channels over a single WebSocket connection...
Fedora: Security Advisory for rubygem-actioncable (FEDORA-2023-7002afbbb8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: rubygem-actioncable-7.0.4.3-1.fc37
Structure many real-time application concerns into channels over a single WebSocket connection...