Lucene search
K

24 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.20 views

Debian: Security Advisory (DLA-235-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.03622EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2015-0178)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.02815EPSS
Exploits0References6
CVE
CVE
added 2019/11/29 8:46 p.m.199 views

CVE-2015-1855

CVE-2015-1855 affects Ruby’s OpenSSL hostname matching: the OpenSSL extension fails to validate hostnames, allowing server spoofing. Affected: Ruby/OpenSSL before 2.0.0 patchlevel 645; 2.1.x before 2.1.6; 2.2.x before 2.2.2. Root cause: permissive hostname matching (wildcards, IDNA, case, non‑ASC...

5.9CVSS5.5AI score0.02815EPSS
Exploits0References6Affected Software2
OpenVAS
OpenVAS
added 2017/07/26 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-3365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.07766EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2017/04/29 12:0 a.m.35 views

openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.08934EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/04/28 6:11 p.m.44 views

Security update for ruby2.1 (important)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation does...

7.5CVSS1.4AI score0.08934EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2017/04/21 12:0 a.m.66 views

SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation doe...

9.8CVSS7.4AI score0.08934EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2017/04/07 12:0 a.m.54 views

SUSE SLES11 Security Update : ruby (SUSE-SU-2017:0948-1)

This update for ruby fixes the following issues: Secuirty issues fixed : - CVE-2015-1855: Ruby OpenSSL Hostname Verification bsc926974 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 Bugfixes : - fix small mistake in the backport for bsc986630 Note that Tenable Network...

8.4CVSS7AI score0.02815EPSS
Exploits0References8
OSV
OSV
added 2015/10/05 9:31 a.m.9 views

SUSE-SU-2015:1889-1 Security update for ruby19

ruby19 was updated to fix two security issues. The following vulnerabilities were fixed: CVE-2015-1855: Ruby OpenSSL hostname verification was too permissive bsc926974. CVE-2009-5147: DL::dlopen could have loaded a library with tainted library name even if $SAFE 0 bsc939860...

7.5CVSS6.2AI score0.07766EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.27 views

Amazon Linux: Security Advisory (ALAS-2015-533)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.02815EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.29 views

Amazon Linux: Security Advisory (ALAS-2015-531)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.02815EPSS
Exploits2References3
Debian
Debian
added 2015/05/30 8:45 p.m.34 views

[SECURITY] [DLA 235-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u4 CVE ID : CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256 CVE-2013-2065 CVE-2015-1855 CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and oth...

6.8CVSS6.8AI score0.03622EPSS
Exploits2
OSV
OSV
added 2015/05/30 12:0 a.m.36 views

DLA-235-1 ruby1.9.1 - security update

Bulletin has no description...

6.8CVSS6AI score0.03622EPSS
Exploits2
Amazon
Amazon
added 2015/05/27 12:0 a.m.44 views

Medium: ruby18

Issue Overview: As discussed in an upstream announcement https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/, Ruby's OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames, which can lead to similar bugs such as...

5.9CVSS8.1AI score0.02815EPSS
Exploits2
Amazon
Amazon
added 2015/05/27 12:0 a.m.49 views

Medium: ruby20

Issue Overview: As discussed in an upstream announcement https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/, Ruby's OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames, which can lead to similar bugs such as...

5.9CVSS8.1AI score0.02815EPSS
Exploits2
Debian
Debian
added 2015/05/18 9:57 p.m.22 views

[SECURITY] [DLA 224-1] ruby1.8 security update

Package : ruby1.8 Version : 1.8.7.302-2squeeze4 CVE ID : CVE-2015-1855 It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a...

5.9CVSS6.7AI score0.02815EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/05/05 12:0 a.m.32 views

Mandriva Linux Security Advisory : ruby (MDVSA-2015:224)

Updated ruby packages fix security vulnerability : Ruby OpenSSL hostname matching implementation violates RFC 6125 CVE-2015-1855. The ruby packages for MBS2 has been updated to version 2.0.0-p645, which fixes this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

5.9CVSS6.8AI score0.02815EPSS
Exploits0References2
securityvulns
securityvulns
added 2015/05/04 12:0 a.m.71 views

[ MDVSA-2015:224 ] ruby

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:224 http://www.mandriva.com/en/support/security/ Package : ruby Date : May 4, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated ruby packages fix security vulnerability: Ru...

6AI score0.02815EPSS
Exploits0
Mageia
Mageia
added 2015/05/03 12:19 a.m.30 views

Updated ruby packages fix CVE-2015-1855

Updated ruby packages fix security vulnerability: Ruby OpenSSL hostname matching implementation violates RFC 6125 CVE-2015-1855. The ruby package has been updated to version 2.0.0-p645, which fixes this issue...

5.9CVSS6.4AI score0.02815EPSS
Exploits0References4
Debian
Debian
added 2015/05/02 11:20 a.m.45 views

[SECURITY] [DSA 3247-1] ruby2.1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3247-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 02, 2015 http://www.debian.org/security/faq -...

5.9CVSS5.5AI score0.02815EPSS
Exploits0
Rows per page
Query Builder