28 matches found
SUSE CVE-2020-8130
There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |...
SUSE-SU-2022:3212-1 Security update for rubygem-rake
This update for rubygem-rake fixes the following issues: - CVE-2020-8130: Fixed a command injection when supplying a filename that began with the pipe character bsc1164804...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1016)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1036)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-1036)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0737-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : ruby (EulerOS-SA-2020-2460)
According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pi...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1955)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)
According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an...
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1944)
According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
Amazon Linux AMI : rubygem-rake (ALAS-2020-1384)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1384 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Tenable has extracted the preceding...
Amazon Linux AMI : rubygem24-rake (ALAS-2020-1385)
The version of rubygem24-rake installed on the remote host is prior to 12.0.0-1.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1385 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begin...
Medium: rubygem-rake
Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem-rake Issue Correction: Run yum update rubygem-rake or yum update --advisory ALAS-2020-1384...
Medium: rubygem24-rake
Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem24-rake Issue Correction: Run yum update rubygem24-rake or yum update --advisory...
Fedora: Security Advisory for rubygem-rake (FEDORA-2020-dc1ae17bb5)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : rubygem-rake (2020-dc1ae17bb5)
A security flaw is found on rake which may case arbitrary command execution under file existence with crafted name. This new rpm will fix the issue CVE-2020-8130 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
Fedora 30 : rubygem-rake (2020-28e06b5f08)
A security flaw is found on rake which may case arbitrary command execution under file existence with crafted name. This new rpm will fix the issue CVE-2020-8130 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
openSUSE Security Update : ruby2.5 (openSUSE-2020-395)
This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : Recommended update for ruby2.5 (SUSE-SU-2020:0737-1)
This update for ruby2.5 toversion 2.5.7 fixes the following issues : ruby 2.5 was updated to version 2.5.7 CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. CVE-2019-16254: Fixed am...