Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/21 12:0 a.m.7 views

RHEL 6 / 7 : ruby193-ruby (RHSA-2014:1913)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1913 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

5CVSS7.6AI score0.056EPSS
Exploits2References9
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2014-0472)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.2AI score0.056EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2017/04/29 12:0 a.m.35 views

openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.08934EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/04/28 6:11 p.m.44 views

Security update for ruby2.1 (important)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation does...

7.5CVSS1.4AI score0.08934EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2017/04/21 12:0 a.m.66 views

SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation doe...

9.8CVSS7.4AI score0.08934EPSS
Exploits2References20
OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.46 views

Oracle: Security Advisory (ELSA-2014-1913)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.056EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.33 views

Oracle: Security Advisory (ELSA-2014-1912)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.056EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/04/16 12:0 a.m.33 views

Debian DLA-200-1 : ruby1.9.1 security update

CVE-2014-4975 The encodes function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service crash or arbitrary code execution. CVE-2014-8080, CVE-2014-8090 The REXML parser could be coerced into allocating...

5CVSS7.8AI score0.056EPSS
Exploits2References5
Debian
Debian
added 2015/04/15 6:17 p.m.32 views

[SECURITY] [DLA 200-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u3 CVE ID : CVE-2014-4975 CVE-2014-8080 CVE-2014-8090 CVE-2014-4975 The encodes function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service crash or arbitrar...

5CVSS6.5AI score0.056EPSS
Exploits2
OSV
OSV
added 2015/04/15 12:0 a.m.38 views

DLA-200-1 ruby1.9.1 - security update

Bulletin has no description...

5CVSS6.1AI score0.056EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.27 views

Mandriva Linux Security Advisory : ruby (MDVSA-2015:129)

Updated ruby packages fix security vulnerabilities : Due to unrestricted entity expansion, when reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of...

5CVSS7.3AI score0.056EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2015/02/10 12:0 a.m.32 views

Debian DSA-3157-1 : ruby1.9.1 - security update

Multiple vulnerabilities were discovered in the interpreter for the Ruby language : - CVE-2014-4975 The encodes function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service crash or arbitrary code...

5CVSS8AI score0.056EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2015/02/09 12:0 a.m.40 views

Debian Security Advisory DSA 3157-1 (ruby1.9.1 - security update)

Multiple vulnerabilities were discovered in the interpreter for the Ruby language: CVE-2014-4975 The encodes function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service crash or arbitrary code executio...

5CVSS0.3AI score0.056EPSS
Exploits2References1
OSV
OSV
added 2015/02/09 12:0 a.m.39 views

DSA-3157-1 ruby1.9.1 - security update

Bulletin has no description...

5CVSS6.1AI score0.056EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/02/08 12:0 a.m.23 views

Debian: Security Advisory (DSA-3157-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.7AI score0.056EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2014/12/02 12:0 a.m.26 views

Scientific Linux Security Update : ruby on SL7.x x86_64 (20141126)

Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. CVE-2014-8080, CVE-2014-8090 A stack-based buffer overflow was found in the...

5CVSS7.4AI score0.056EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2014/11/27 12:0 a.m.40 views

Oracle Linux 7 : ruby (ELSA-2014-1912)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1912 advisory. - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163998 - REXML incomplete fix for CVE-2014-8080...

5CVSS7.7AI score0.056EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2014/11/27 12:0 a.m.54 views

RHEL 7 : ruby (RHSA-2014:1912)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1912 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

5CVSS7.5AI score0.056EPSS
Exploits2References9
Oracle linux
Oracle linux
added 2014/11/26 12:0 a.m.61 views

ruby security update

2.0.0.353-22 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163998 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163998 2.0.0.353-21 - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975 Resolves...

5CVSS2.5AI score0.056EPSS
Exploits2
OSV
OSV
added 2014/11/21 12:44 p.m.7 views

MGASA-2014-0472 Updated ruby packages fix security vulnerabilities

Will Wood discovered that Ruby incorrectly handled the encodes function. An attacker could possibly use this issue to cause Ruby to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a...

5CVSS6.6AI score0.056EPSS
Exploits1References6
Rows per page
Query Builder