Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-7551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before...

8.4CVSS7.3AI score0.005EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/07/26 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-3365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.07766EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2017/04/29 12:0 a.m.35 views

openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.08934EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/04/28 6:11 p.m.44 views

Security update for ruby2.1 (important)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation does...

7.5CVSS1.4AI score0.08934EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2017/04/21 12:0 a.m.66 views

SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation doe...

9.8CVSS7.4AI score0.08934EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2017/04/07 12:0 a.m.54 views

SUSE SLES11 Security Update : ruby (SUSE-SU-2017:0948-1)

This update for ruby fixes the following issues: Secuirty issues fixed : - CVE-2015-1855: Ruby OpenSSL Hostname Verification bsc926974 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 Bugfixes : - fix small mistake in the backport for bsc986630 Note that Tenable Network...

8.4CVSS7AI score0.02815EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2017/04/06 12:0 a.m.59 views

openSUSE Security Update : ruby2.2 / ruby2.3 (openSUSE-2017-435)

This update for ruby2.2, ruby2.3 fixes the following issues : Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' boo1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL boo959495 Detailed ChangeLog : -...

9.8CVSS8AI score0.05187EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2017/03/29 12:0 a.m.39 views

CVE-2009-5147

DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...

7.5CVSS6.8AI score0.07766EPSS
Exploits0References3
CVE
CVE
added 2016/03/24 1:0 a.m.106 views

CVE-2015-7551

CVE-2015-7551 affects Ruby versions before the patch, where Fiddle::Handle in ext/fiddle/handle.c mishandles tainting, allowing context-dependent attackers to cause arbitrary code execution or a crash via a tainted string. The vulnerability stems from taint handling in the DL/libffi-related path ...

8.4CVSS6.7AI score0.005EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2016/03/24 1:0 a.m.28 views

CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

6.7AI score0.005EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2016/03/23 12:0 a.m.32 views

CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

8.4CVSS7.4AI score0.005EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.30 views

Fedora 23 : ruby-2.2.4-47.fc23 (2015-eef21b972e)

Update to Ruby 2.2.4 including security fix for CVE-2009-5147 and CVE-2015-7551. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

8.4CVSS6.9AI score0.07766EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.34 views

Fedora 22 : ruby-2.2.4-47.fc22 (2015-c4409eb73a)

Update to Ruby 2.2.4 including security fix for CVE-2009-5147 and CVE-2015-7551. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

8.4CVSS6.9AI score0.07766EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/01/19 12:0 a.m.29 views

Amazon Linux AMI : ruby19 / ruby20,ruby21,ruby22 (ALAS-2016-632)

DL::dlopen could open a library with tainted library name even if $SAFE 0. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2016-632. include"compat.inc"; if description scriptid87966;...

8.4CVSS8AI score0.005EPSS
Exploits0References2
Rows per page
Query Builder