Lucene search
K

41 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in JRuby

Versions of Ruby from 2.4.7, 2.5.x up to 2.5.6, and 2.6.x up to 2.6.4 allow HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit this to insert a newline character to split the header, thereby injecting malicious content to...

5.3CVSS6.5AI score0.04569EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2017-17742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can...

5.3CVSS6.7AI score0.0576EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.28 views

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.5AI score0.10715EPSS
Exploits0References33
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17742

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick...

4.7CVSS6.9AI score0.0576EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2021/06/29 4:24 p.m.2 views

ruby: HTTP response splitting in WEBrick

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients...

5.3CVSS7.2AI score0.04569EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/06/29 4:10 p.m.2 views

ruby: HTTP response splitting in WEBrick

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients...

5.3CVSS7.2AI score0.04569EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:1804-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.10715EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2021/03/25 3:43 p.m.154 views

USN-3685-2: Ruby regression

USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem. Original advisory details: Some of these CVE were already addressed in previous USN: 3439-1, 3553-1, 3528-1. Here we address for the remain releases. It was discover...

9.8CVSS7.8AI score0.15853EPSS
Exploits1References1
Mageia
Mageia
added 2020/11/27 8:14 p.m.120 views

Updated jruby packages fix security vulnerabilities

Response Splitting attack in the HTTP server of WEBrick CVE-2017-17742. Delete directory using symlink when decompressing tar CVE-2019-8320. Escape sequence injection vulnerability in verbose CVE-2019-8321. Escape sequence injection vulnerability in gem owner CVE-2019-8322. Escape sequence...

8.8CVSS8.5AI score0.0576EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2020/11/18 12:0 a.m.34 views

RHEL 7 : ruby (RHSA-2020:2288)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2288 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.5CVSS6.5AI score0.07825EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/11/04 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-2395)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.0576EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.121 views

Debian DLA-2330-1 : jruby security update

Several vulnerabilities were fixed in JRuby, a 100% pure-Java implementation of Ruby. CVE-2017-17742 CVE-2019-16254 HTTP Response Splitting attacks in the HTTP server of WEBrick. CVE-2019-16201 Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication...

8.8CVSS6.9AI score0.0576EPSS
Exploits2References13
OpenVAS
OpenVAS
added 2020/08/17 12:0 a.m.28 views

Debian: Security Advisory (DLA-2330-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.0576EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2020/05/26 8:42 p.m.66 views

Moderate: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

7.5CVSS6.6AI score0.07825EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/05/20 12:0 a.m.35 views

RHEL 7 : ruby (RHSA-2020:2212)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2212 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.5CVSS6.5AI score0.07825EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/05/19 10:29 p.m.74 views

Moderate: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact ...

7.5CVSS6.6AI score0.07825EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/04/29 12:0 a.m.60 views

RHEL 7 : ruby (RHSA-2020:1963)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1963 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.5CVSS6.5AI score0.07825EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1195)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.0654EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.58 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-2230)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.0576EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-2250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.0576EPSS
Exploits0References2
Rows per page
Query Builder