Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-0900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who hav...

7.5CVSS6.9AI score0.08491EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.50 views

K01730454: Ruby vulnerabilities CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, and CVE-2017-0902

Security Advisory Description CVE-2017-0899 RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. CVE-2017-0900 RubyGems version 2.6.12 and earlie...

9.8CVSS7.3AI score0.29442EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2017-0482)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.29442EPSS
Exploits6References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2020:1570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.73927EPSS
Exploits22References43
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1248)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.73927EPSS
Exploits14References2
Debian
Debian
added 2018/07/14 6:28 a.m.61 views

[SECURITY] [DLA 1421-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...

9.8CVSS7.4AI score0.73927EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.38 views

Oracle Linux 7 : ruby (ELSA-2018-0378)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0378 advisory. - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo ...

9.8CVSS7.8AI score0.73927EPSS
Exploits14References12
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.77 views

RHEL 7 : ruby (RHSA-2018:0378)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0378 advisory. - ruby: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-0898 - rubygems: Escape sequence in the summary field of gemspec...

9.8CVSS7.7AI score0.73927EPSS
Exploits14References24
Oracle linux
Oracle linux
added 2018/02/28 12:0 a.m.59 views

ruby security update

2.0.0.648-33 - Fix always passing WEBrick test. 2.0.0.648-32 - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo TZ tests broken by recen tzdata update. ruby-2.5.0-Disable-Tokyo-TZ-tests.patch...

9.8CVSS9.8AI score0.73927EPSS
Exploits14
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.35 views

Debian: Security Advisory (DLA-1112-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.9AI score0.29442EPSS
Exploits3References3
Debian
Debian
added 2017/09/27 2:19 a.m.50 views

[SECURITY] [DLA 1112-1] rubygems security update

Package : rubygems Version : 1.8.24-1+deb7u1 CVE ID : CVE-2017-0900 CVE-2017-0901 Debian Bug : 873802 Some vulnerabilities were found in the Rubygems package that affects the LTS distribution. CVE-2017-0900 DOS vulernerability in the query command CVE-2017-0901 gem installer allows a malicious ge...

7.5CVSS9.8AI score0.29442EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2017/09/27 12:0 a.m.39 views

Debian DLA-1112-1 : rubygems security update

Some vulnerabilities were found in the Rubygems package that affects the LTS distribution. CVE-2017-0900 DOS vulernerability in the query command CVE-2017-0901 gem installer allows a malicious gem to overwrite arbitrary files For Debian 7 'Wheezy', these problems have been fixed in version...

7.5CVSS7.4AI score0.29442EPSS
Exploits3References4
Debian
Debian
added 2017/09/26 9:16 p.m.52 views

[SECURITY] [DLA 1114-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.3.194-8.1+deb7u6 CVE ID : CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 Debian Bug : 873802 873906 875928 875931 875936 Multiple vulnerabilities were discovered in the Ruby 1.9 interpretor. CVE-2017-0898 Buff...

9.8CVSS9.4AI score0.29442EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2017/09/19 12:0 a.m.54 views

Slackware 14.2 / current : ruby (SSA:2017-261-03)

New ruby packages are available for Slackware 14.2 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-261-03. The text itself is copyright C Slackware...

9.8CVSS6.8AI score0.29442EPSS
Exploits7References9
OpenVAS
OpenVAS
added 2017/09/16 12:0 a.m.31 views

Fedora Update for ruby FEDORA-2017-e136d63c99

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.29442EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2017/09/04 12:0 a.m.65 views

Debian: Security Advisory (DSA-3966-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.29442EPSS
Exploits8References3
CVE
CVE
added 2017/08/31 8:0 p.m.181 views

CVE-2017-0900

CVE-2017-0900 is a DoS vulnerability in RubyGems: RubyGems versions 2.6.12 and earlier are vulnerable to maliciously crafted gem specifications that trigger a denial of service when a client runs a query. Public advisories across multiple vendors reference this CVE (Debian DLA entries, CentOS/RH ...

7.5CVSS8AI score0.08491EPSS
Exploits1References12Affected Software1
Debian CVE
Debian CVE
added 2017/08/31 8:0 p.m.30 views

CVE-2017-0900

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...

7.5CVSS8.5AI score0.08491EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2017/08/31 12:0 a.m.46 views

CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS6.9AI score0.1081EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2017/08/31 12:0 a.m.40 views

CVE-2017-0900

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...

7.5CVSS6.9AI score0.08491EPSS
Exploits1References5
Rows per page
Query Builder