44 matches found
Alibaba Cloud Linux 3 : 0044: ruby:2.7 (ALINUX3-SA-2021:0044)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0044 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25613: An issue was discovered in...
Amazon Linux 2 : ruby (ALAS-2024-2637)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2637 advisory. A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using...
RHEL 7 : ruby (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...
Amazon Linux 2 : ruby (ALASRUBY3.0-2023-007)
The version of ruby installed on the remote host is prior to 3.0.1-148. It is, therefore, affected by a vulnerability as referenced in the ALAS2RUBY3.0-2023-007 advisory. A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using REXML...
Amazon Linux 2 : ruby (ALASRUBY2.6-2023-006)
The version of ruby installed on the remote host is prior to 2.6.7-126. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY2.6-2023-006 advisory. An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP...
RHEL 7 : rh-ruby25-ruby (RHSA-2021:2104)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2104 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
CVE-2021-28965 affecting package ruby for versions less than 2.7.4-1
CVE-2021-28965 affecting package ruby for versions less than 2.7.4-1. An upgraded version of the package is available that resolves this issue...
RHEL 8 : ruby:2.6 (RHSA-2022:0582)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0582 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Rocky Linux 8 : ruby:2.5 (RLSA-2021:2587)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2587 advisory. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. CVE-2019-15845 -...
Rocky Linux 8 : ruby:2.7 (RLSA-2021:2584)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2584 advisory. - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not...
Debian: Security Advisory (DSA-5066-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5066-1 : ruby2.5 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5066 advisory. Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result in XML roundtrip attacks, the...
[SECURITY] [DSA 5066-1] ruby2.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5066-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2022 https://www.debian.org/security/faq -...
Mageia: Security Advisory (MGASA-2021-0579)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2866)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2281)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2255)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2069)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2012)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2021-2012)
According to the version of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML...