Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/22 12:0 a.m.30 views

RHEL 7 : CloudForms 4.7.5 (RHSA-2019:1429)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1429 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

8.8CVSS7.7AI score0.04212EPSS
Exploits1References41
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.34 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ruby vulnerabilities (USN-3945-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3945-1 advisory. It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary...

8.8CVSS7.3AI score0.04212EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.2 views

SUSE CVE-2019-8320

A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files which now include path-checking code for symlinks, it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could...

7.4CVSS7.2AI score0.04212EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:1804-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.10715EPSS
Exploits1References4
Mageia
Mageia
added 2020/11/27 8:14 p.m.120 views

Updated jruby packages fix security vulnerabilities

Response Splitting attack in the HTTP server of WEBrick CVE-2017-17742. Delete directory using symlink when decompressing tar CVE-2019-8320. Escape sequence injection vulnerability in verbose CVE-2019-8321. Escape sequence injection vulnerability in gem owner CVE-2019-8322. Escape sequence...

8.8CVSS8.5AI score0.0576EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.121 views

Debian DLA-2330-1 : jruby security update

Several vulnerabilities were fixed in JRuby, a 100% pure-Java implementation of Ruby. CVE-2017-17742 CVE-2019-16254 HTTP Response Splitting attacks in the HTTP server of WEBrick. CVE-2019-16201 Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication...

8.8CVSS6.9AI score0.0576EPSS
Exploits2References13
OpenVAS
OpenVAS
added 2020/08/17 12:0 a.m.28 views

Debian: Security Advisory (DLA-2330-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.0576EPSS
Exploits2References4
OSV
OSV
added 2020/06/10 9:39 p.m.11 views

MGASA-2020-0243 Updated ruby-RubyGems packages fix security vulnerability

Updated ruby-RubyGems package fixes security vulnerabilities The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection...

9.8CVSS7.8AI score0.05076EPSS
Exploits1References3
Mageia
Mageia
added 2020/06/10 9:39 p.m.58 views

Updated ruby-RubyGems packages fix security vulnerability

Updated ruby-RubyGems package fixes security vulnerabilities The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection...

9.8CVSS2AI score0.05076EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2020/04/04 11:14 a.m.37 views

CVE-2019-8320

A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files which now include path-checking code for symlinks, it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could...

8.8CVSS1.2AI score0.04212EPSS
Exploits1References2
Amazon
Amazon
added 2019/08/07 12:0 a.m.83 views

Important: ruby20, ruby21, ruby24

Issue Overview: An issue was discovered in RubyGems. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.CVE-2019-8322 An issue was discovered in RubyGems. Gem::GemcutterUtilitieswithresponse...

8.8CVSS7.6AI score0.04212EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/07/22 12:0 a.m.36 views

openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues : Changes in ruby2.5 : Update to 2.5.5 and 2.5.4 : https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed : -...

9.8CVSS7.3AI score0.10715EPSS
Exploits1References46
OpenVAS
OpenVAS
added 2019/07/22 12:0 a.m.33 views

openSUSE: Security Advisory for ruby-bundled-gems-rpmhelper, ruby2.5 (openSUSE-SU-2019:1771-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.8AI score0.10715EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/07/11 12:0 a.m.40 views

SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues : Changes in ruby2.5 : Update to 2.5.5 and 2.5.4 : https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed :...

9.8CVSS6.9AI score0.10715EPSS
Exploits1References68
OSV
OSV
added 2019/07/10 8:40 a.m.8 views

SUSE-SU-2019:1804-1 Security update for ruby-bundled-gems-rpmhelper, ruby2.5

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues: Changes in ruby2.5: Update to 2.5.5 and 2.5.4: https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed: -...

9.8CVSS8.6AI score0.10715EPSS
Exploits1References45
RedHat Linux
RedHat Linux
added 2019/06/11 5:33 a.m.90 views

Important: Red Hat Security Advisory: CloudForms 4.7.5 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

8.8CVSS7.2AI score0.04212EPSS
Exploits1References34
RedHat Linux
RedHat Linux
added 2019/05/13 9:20 a.m.107 views

Important: Red Hat Security Advisory: rh-ruby24-ruby security, bug fix, and enhancement update

An update for rh-ruby24-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

8.8CVSS7.1AI score0.04212EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2019/05/13 9:4 a.m.110 views

Important: Red Hat Security Advisory: rh-ruby25-ruby security, bug fix, and enhancement update

An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

8.8CVSS7.1AI score0.04212EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2019/05/03 12:0 a.m.38 views

Fedora 29 : ruby (2019-a155364f3c)

Rebase to latest minor version fixes CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean an...

8.8CVSS6.6AI score0.04212EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2019/04/18 12:0 a.m.166 views

Debian: Security Advisory (DSA-4433-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.5AI score0.04212EPSS
Exploits1References4
Rows per page
Query Builder