25 matches found
RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Ubuntu 14.04 LTS / 16.04 LTS : Ruby vulnerabilities (USN-3626-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3626-1 advisory. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. CVE-2018-6914 ...
SUSE: Security Advisory (SUSE-SU-2019:1804-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-8779
It was found that the UNIXSocket::open and UNIXServer::open ruby methods did not handle the NULL byte properly. An attacker, able to inject NULL bytes in the socket path, could possibly trigger an unspecified behavior of the ruby script. Mitigation It is possible to test for presence of the NULL...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1207)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1206)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1275)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)
This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues : Changes in ruby2.5 : Update to 2.5.5 and 2.5.4 : https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed : -...
SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)
This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues : Changes in ruby2.5 : Update to 2.5.5 and 2.5.4 : https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed :...
Important: Red Hat Security Advisory: rh-ruby25-ruby security, bug fix, and enhancement update
An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Ubuntu: Security Advisory (USN-3626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4259-1 : ruby2.3 - security update
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure. This update also fixes several issues in RubyGems which could...
[SECURITY] [DSA 4259-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4259-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 31, 2018 https://www.debian.org/security/faq -...
macOS 10.13.x < 10.13.6 Multiple Vulnerabilities
The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6. It is, therefore, affected by multiple vulnerabilities. Note that successful exploitation of the most serious issues can result in arbitrary code execution. C Tenable Network Security, Inc...
[SECURITY] [DLA 1421-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...
Fedora Update for ruby FEDORA-2018-a459acd54b
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : ruby (2018-a459acd54b)
Backport rubygem.macros changes. Enables maintaners to build rubygems using same macros in all Fedoras. ---- Rebase to Ruby 2.4.4. Includes several CVE fixes. https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/ Note that Tenable Network Security has extracted the preceding descripti...
Fedora Update for ruby FEDORA-2018-7be77249d4
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1358-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3626-1: Ruby vulnerabilities
It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. CVE-2018-6914 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. CVE-2018-8778,...