Debian: Security Advisory (DLA-235-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary Code Execution

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files...

[SECURITY] [DLA 235-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u4 CVE ID : CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256 CVE-2013-2065 CVE-2015-1855 CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and oth...

openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)

ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 bnc802406 - XSS exploit of RDoc documentation generated by rdoc CVE-2013-0256 - for other changes see /usr/share/doc/packages/ruby19/Changelog Update to 1.9.3 p327 bnc789983 - CVE-2012-5371 and plenty of other fixes...

Fedora Update for ruby FEDORA-2013-8411

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2013-8411 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for ruby FEDORA-2013-3038

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"rub...

CentOS Update for ruby CESA-2013:0129 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 : ruby (CESA-2013:0129)

Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130108)

It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files with names based on untrusted input, it could result in the creation of files with different names than expected. CVE-2012-4522 It was found that...

RedHat Update for ruby RHSA-2013:0129-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2013:0129-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

ruby security and bug fix update

1.8.5-27 - unintentional file creation caused by inserting an illegal NUL character ruby-1.8.6-CVE-2012-4522-io.c-pipeopen-command-name-should-not-contain-null-.patch - Related: rhbz867750 1.8.5-26 - escaping vulnerability about Exceptiontos / NameErrortos ruby-1.8.7-p371-CVE-2012-4481.patch -...

RedHat Update for ruby RHSA-2013:0129-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

ruby security update

CentOS Errata and Security Advisory CESA-2013:0129 Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

Moderate: Red Hat Security Advisory: ruby security and bug fix update

Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

FreeBSD Ports: ruby

The remote host is missing an update to the system as announced in the referenced advisory. VID 3decc87d-2498-11e2-b0c7-000d601460a4 OpenVAS Vulnerability Test $ Description: Auto generated from VID 3decc87d-2498-11e2-b0c7-000d601460a4 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: ruby

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-4522

The rbgetpathcheck function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path...

CVE-2012-4522

CVE-2012-4522 affects Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163, where a NUL byte in a file path enables context‑dependent attackers to create files in unintended locations or with unexpected names. The issue arises from rb_get_path_check in file.c and is confirmed by multiple...

Fedora Update for ruby FEDORA-2012-18017

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-18017 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

FreeBSD : ruby -- Unintentional file creation caused by inserting an illegal NUL character (3decc87d-2498-11e2-b0c7-000d601460a4)

The official ruby site reports : A vulnerability was found that file creation routines can create unintended files by strategically inserting NULs in file paths. This vulnerability has been reported as CVE-2012-4522. Ruby can handle arbitrary binary patterns as Strings, including NUL chars. On th...