Lucene search
+L

28 matches found

susecve
susecve
added 2023/02/15 4:1 a.m.3 views

SUSE CVE-2020-8130

There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |...

5CVSS7.7AI score0.01359EPSS
Exploits1References7
osv
osv
added 2022/09/08 1:32 p.m.5 views

SUSE-SU-2022:3212-1 Security update for rubygem-rake

This update for rubygem-rake fixes the following issues: - CVE-2020-8130: Fixed a command injection when supplying a filename that began with the pipe character bsc1164804...

6.9CVSS7.4AI score0.01359EPSS
Exploits1References3
nessus
nessus
added 2022/01/28 12:0 a.m.19 views

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1016)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
nessus
nessus
added 2022/01/28 12:0 a.m.22 views

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1036)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
openvas
openvas
added 2022/01/28 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-1036)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.8AI score0.01359EPSS
Exploits1References2
openvas
openvas
added 2021/04/19 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2020:0737-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.29726EPSS
Exploits8References10
nessus
nessus
added 2020/11/06 12:0 a.m.26 views

EulerOS Virtualization 3.0.6.6 : ruby (EulerOS-SA-2020-2460)

According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pi...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
openvas
openvas
added 2020/09/08 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1955)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.06811EPSS
Exploits1References2
nessus
nessus
added 2020/09/08 12:0 a.m.51 views

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)

According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an...

7.5CVSS7.4AI score0.06811EPSS
Exploits1References3
nessus
nessus
added 2020/09/02 12:0 a.m.21 views

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1944)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
nessus
nessus
added 2020/07/02 12:0 a.m.27 views

Amazon Linux AMI : rubygem-rake (ALAS-2020-1384)

It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1384 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Tenable has extracted the preceding...

6.9CVSS6.8AI score0.01359EPSS
Exploits1References3
nessus
nessus
added 2020/07/02 12:0 a.m.28 views

Amazon Linux AMI : rubygem24-rake (ALAS-2020-1385)

The version of rubygem24-rake installed on the remote host is prior to 12.0.0-1.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1385 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begin...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References3
amazon
amazon
added 2020/06/26 12:0 a.m.33 views

Medium: rubygem-rake

Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem-rake Issue Correction: Run yum update rubygem-rake or yum update --advisory ALAS-2020-1384...

6.9CVSS7.2AI score0.01359EPSS
Exploits1
amazon
amazon
added 2020/06/26 12:0 a.m.33 views

Medium: rubygem24-rake

Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem24-rake Issue Correction: Run yum update rubygem24-rake or yum update --advisory...

6.9CVSS7.2AI score0.01359EPSS
Exploits1
openvas
openvas
added 2020/04/30 12:0 a.m.56 views

Fedora: Security Advisory for rubygem-rake (FEDORA-2020-dc1ae17bb5)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.9CVSS6.8AI score0.01359EPSS
Exploits1References2
nessus
nessus
added 2020/04/27 12:0 a.m.23 views

Fedora 31 : rubygem-rake (2020-dc1ae17bb5)

A security flaw is found on rake which may case arbitrary command execution under file existence with crafted name. This new rpm will fix the issue CVE-2020-8130 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
nessus
nessus
added 2020/04/27 12:0 a.m.25 views

Fedora 30 : rubygem-rake (2020-28e06b5f08)

A security flaw is found on rake which may case arbitrary command execution under file existence with crafted name. This new rpm will fix the issue CVE-2020-8130 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

6.9CVSS6.9AI score0.01359EPSS
Exploits1References2
nessus
nessus
added 2020/04/02 12:0 a.m.259 views

openSUSE Security Update : ruby2.5 (openSUSE-2020-395)

This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...

8.1CVSS6.9AI score0.29726EPSS
Exploits8References14
openvas
openvas
added 2020/03/29 12:0 a.m.53 views

openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.4AI score0.29726EPSS
Exploits8References2
nessus
nessus
added 2020/03/23 12:0 a.m.68 views

SUSE SLED15 / SLES15 Security Update : Recommended update for ruby2.5 (SUSE-SU-2020:0737-1)

This update for ruby2.5 toversion 2.5.7 fixes the following issues : ruby 2.5 was updated to version 2.5.7 CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. CVE-2019-16254: Fixed am...

8.1CVSS7AI score0.29726EPSS
Exploits8References22
Rows per page
Query Builder