Lucene search
+L

15 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.24 views

RHEL 7 / 8 : Satellite 6.11.4 Async Security Update (Important) (RHSA-2022:7242)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7242 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

8.1CVSS8.3AI score0.02056EPSS
Exploits1References19
OSV
OSV
added 2024/04/12 11:7 a.m.5 views

OESA-2024-1399 rubygem-tzinfo security update

TZInfo provides daylight savings aware transformations between times in different time zones. Security Fixes: TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when use...

8.1CVSS7.2AI score0.01786EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2023/05/05 3:39 p.m.111 views

Satellite 6.13 Release

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...

9.8CVSS8.2AI score0.99931EPSS
Exploits67
OpenVAS
OpenVAS
added 2022/08/19 12:0 a.m.15 views

Debian: Security Advisory (DLA-3077-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.01786EPSS
Exploits1References3
Debian
Debian
added 2022/08/18 5:46 p.m.109 views

[SECURITY] [DLA 3077-1] ruby-tzinfo security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3077-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 18, 2022 https://wiki.debian.org/LTS -...

8.1CVSS7.7AI score0.01786EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/08/18 12:0 a.m.76 views

Debian DLA-3077-1 : ruby-tzinfo - LTS security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3077 advisory. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior ...

8.1CVSS7AI score0.01786EPSS
Exploits1References4
OSV
OSV
added 2022/08/10 12:52 p.m.8 views

SUSE-SU-2022:2765-1 Security update for rubygem-tzinfo

This update for rubygem-tzinfo fixes the following issues: - CVE-2022-31163: Fixed relative path traversal vulnerability that allows TZInfo::Timezone.get to load arbitrary files bsc1201835...

8.1CVSS8AI score0.01786EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/07/30 12:0 a.m.16 views

openSUSE: Security Advisory for rubygem-tzinfo (SUSE-SU-2022:2592-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.8AI score0.01786EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/07/30 12:0 a.m.43 views

SUSE SLES15 Security Update : rubygem-tzinfo (SUSE-SU-2022:2592-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2592-1 advisory. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to...

8.1CVSS7AI score0.01786EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/07/25 3:39 p.m.39 views

CVE-2022-31163

A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...

7.5CVSS3.5AI score0.01786EPSS
Exploits1References4
NVD
NVD
added 2022/07/22 4:15 a.m.19 views

CVE-2022-31163

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...

8.1CVSS0.01786EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2022/07/22 4:15 a.m.42 views

CVE-2022-31163

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...

8.1CVSS6.8AI score0.01786EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/07/21 1:30 p.m.59 views

CVE-2022-31163 TZInfo relative path traversal vulnerability allows loading of arbitrary files

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...

7.5CVSS8.2AI score0.01786EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2022/07/21 1:30 p.m.70 views

CVE-2022-31163

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...

8.1CVSS6.7AI score0.01786EPSS
Exploits1
CVE
CVE
added 2022/07/21 1:30 p.m.265 views

CVE-2022-31163

CVE-2022-31163 affects the TZInfo Ruby library. The vulnerability arises when TZInfo::Timezone.get validates time zone identifiers, allowing a newline in the identifier to cause relative path traversal and, with Ruby 1.9.3+, loading unintended files via require. Affected versions are TZInfo prior...

8.1CVSS7.7AI score0.01786EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder