Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.35 views

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:0584)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0584 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.7AI score0.73927EPSS
Exploits6References7
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.30 views

Debian: Security Advisory (DLA-1222-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.73927EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2017-0486)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.73927EPSS
Exploits6References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1029)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.05913EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1030)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.05913EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1248)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.73927EPSS
Exploits14References2
RedhatCVE
RedhatCVE
added 2019/10/08 4:44 a.m.40 views

CVE-2017-17790

The "lazyinitialize" function in lib/resolv.rb did not properly process certain filenames. A remote attacker could possibly exploit this flaw to inject and execute arbitrary commands...

9.8CVSS3.8AI score0.05913EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/08/02 12:0 a.m.49 views

Debian DSA-4259-1 : ruby2.3 - security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure. This update also fixes several issues in RubyGems which could...

9.8CVSS6.9AI score0.73927EPSS
Exploits6References18
Debian
Debian
added 2018/07/31 9:40 p.m.47 views

[SECURITY] [DSA 4259-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4259-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 31, 2018 https://www.debian.org/security/faq -...

9.8CVSS9AI score0.73927EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2018/07/24 12:0 a.m.41 views

Photon OS 2.0 : libtiff / openjdk8 / ruby (PhotonOS-PHSA-2018-2.0-0013) (deprecated)

An update of 'libtiff', 'openjdk8', 'ruby' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0013. The text itself is copyrig...

0.3AI score0.06905EPSS
Exploits4References23
Debian
Debian
added 2018/07/14 6:28 a.m.61 views

[SECURITY] [DLA 1421-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...

9.8CVSS7.4AI score0.73927EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2018/04/06 12:0 a.m.72 views

Amazon Linux AMI : ruby20 / ruby22,ruby23,ruby24 (ALAS-2018-983)

Path traversal when writing to a symlinked basedir outside of the root RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal...

9.8CVSS7.6AI score0.10552EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2018/03/26 10:1 a.m.45 views

Important: Red Hat Security Advisory: rh-ruby24-ruby security, bug fix, and enhancement update

An update for rh-ruby24-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.8CVSS7.2AI score0.73927EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.22 views

Fedora 26 : ruby (2018-1fffa787e7)

Fix: Multiple vulnerabilities in RubyGems https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities- in-rubygems/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically cle...

9.8CVSS7.2AI score0.05913EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2018/03/03 12:0 a.m.58 views

Fedora Update for ruby FEDORA-2018-40ed78700c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.05913EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.77 views

RHEL 7 : ruby (RHSA-2018:0378)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0378 advisory. - ruby: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-0898 - rubygems: Escape sequence in the summary field of gemspec...

9.8CVSS7.7AI score0.73927EPSS
Exploits14References24
Oracle linux
Oracle linux
added 2018/02/28 12:0 a.m.59 views

ruby security update

2.0.0.648-33 - Fix always passing WEBrick test. 2.0.0.648-32 - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo TZ tests broken by recen tzdata update. ruby-2.5.0-Disable-Tokyo-TZ-tests.patch...

9.8CVSS9.8AI score0.73927EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2018/01/29 12:0 a.m.31 views

EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1029)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The lazyinitialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernelopen, which might allow Command Injection attacks, as demonstrated by a...

9.8CVSS7.2AI score0.73927EPSS
Exploits6References2
Ubuntu
Ubuntu
added 2018/01/10 2:22 p.m.75 views

USN-3528-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-10784 It was discovered that Ruby incorrectly handled...

9.8CVSS7.8AI score0.16412EPSS
Exploits2
OSV
OSV
added 2017/12/31 3:51 p.m.11 views

MGASA-2017-0486 Updated ruby packages fix security vulnerabilities

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

9.8CVSS9.3AI score0.73927EPSS
Exploits6References3
Rows per page
Query Builder