Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-9096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences...

6.1CVSS7.1AI score0.03675EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.5 views

SUSE CVE-2015-9096

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

5.3CVSS9.1AI score0.03675EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2017-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.06204EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2445)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS8AI score0.03675EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.44 views

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2021-2445)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF...

6.1CVSS7.3AI score0.03675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-1845)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS8AI score0.03675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2020:1570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.73829EPSS
Exploits22References43
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1195)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.0654EPSS
Exploits6References2
Debian
Debian
added 2018/07/14 6:28 a.m.61 views

[SECURITY] [DLA 1421-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...

9.8CVSS7.4AI score0.73829EPSS
Exploits18
OpenVAS
OpenVAS
added 2017/09/04 12:0 a.m.65 views

Debian: Security Advisory (DSA-3966-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.29442EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2017/08/24 12:0 a.m.30 views

Fedora 25 : ruby (2017-f318871e3b)

Update to Ruby 2.3.4. - Fix SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP CVE-2015-9096. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

6.1CVSS7.2AI score0.03675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2017/07/26 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-3365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.07766EPSS
Exploits6References2
Debian CVE
Debian CVE
added 2017/06/12 8:0 p.m.32 views

CVE-2015-9096

Removed by vendor...

6.1CVSS7.8AI score0.03675EPSS
Exploits1
CVE
CVE
added 2017/06/12 8:0 p.m.135 views

CVE-2015-9096

CVE-2015-9096 affects Net::SMTP in Ruby prior to 2.4.0, allowing SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands, demonstrated around a DATA substring. The vulnerability applies to Ruby’s Net::SMTP implementation and, per the initial description, is fixed in Ruby 2.4.0 ...

6.1CVSS6.8AI score0.03675EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder