Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : ruby-3.0.7-162.el9_4 (AXSA:2024-8427:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8427:02 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS8.3AI score0.02637EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/20 6:47 a.m.8 views

Security Bulletin: IBM Cloud Pak for Data Object Injection due to YAML Parsing in RDoc gem (CVE-2024-27281)

Summary Potential vulnerabilities in rdoc module CVE-2024-27281 has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-27281 DESCRIPTION: An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in...

4.5CVSS8.5AI score0.01571EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.10 views

RockyLinux 8 : ruby:3.0 (RLSA-2024:3500)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3500 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS7.6AI score0.02637EPSS
Exploits1References13
OpenVAS
OpenVAS
added 2025/02/11 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-6838-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.5CVSS7.4AI score0.01571EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/02/10 5:54 p.m.9 views

USN-6838-2: Ruby vulnerability

USN-6838-1 fixed CVE-2024-27281 in Ruby 2.7, Ruby 3.0, Ruby 3.1, and Ruby 3.2. This update provides the corresponding updates for Ruby 2.3 and Ruby 2.5. Original advisory details: It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked in...

4.5CVSS7.5AI score0.01571EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

Azure Linux 3.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

4.5CVSS7.7AI score0.01571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Ubuntu 16.04 LTS / 18.04 LTS : Ruby vulnerability (USN-6838-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6838-2 advisory. USN-6838-1 fixed CVE-2024-27281 in Ruby 2.7, Ruby 3.0, Ruby 3.1, and Ruby 3.2. This update provides the corresponding updates for Ruby 2.3 and Ruby 2....

4.5CVSS6.9AI score0.01571EPSS
Exploits0References2
Amazon
Amazon
added 2024/09/18 12:0 a.m.23 views

Medium: ruby

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 Affected Packages: ruby Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

4.5CVSS7.8AI score0.01571EPSS
Exploits0
Amazon
Amazon
added 2024/09/18 12:0 a.m.7 views

Medium: ruby

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 Affected Packages: ruby Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

4.5CVSS7AI score0.01571EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/09/03 12:0 a.m.28 views

Debian: Security Advisory (DLA-3858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.04127EPSS
Exploits1References2
Debian
Debian
added 2024/09/02 12:46 p.m.41 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

9.8CVSS8.4AI score0.04127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/02 12:0 a.m.37 views

Debian dla-3858 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...

9.8CVSS8.6AI score0.04127EPSS
Exploits1References18
CBLMariner
CBLMariner
added 2024/08/25 3:13 p.m.20 views

CVE-2024-27281 affecting package ruby for versions less than 3.3.3-1

CVE-2024-27281 affecting package ruby for versions less than 3.3.3-1. An upgraded version of the package is available that resolves this issue...

4.5CVSS7.1AI score0.01571EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/21 12:0 a.m.27 views

EulerOS Virtualization 2.11.0 : ruby (EulerOS-SA-2024-2199)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files...

9.8CVSS6.9AI score0.02364EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.02364EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.02364EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/21 12:0 a.m.34 views

CBL Mariner 2.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

4.5CVSS7.7AI score0.01571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.31 views

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2226)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syst...

9.8CVSS7AI score0.02364EPSS
Exploits0References4
Amazon
Amazon
added 2024/08/19 12:0 a.m.9 views

Medium: ruby3.2

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Affected Packages: ruby3.2 Issue Correction: Run dnf update ruby3.2 --releasever 2023.5.20240819 or dnf update --advisory...

6.6CVSS6.8AI score0.01571EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2024/07/25 12:0 a.m.39 views

USN-6838-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use...

6.6CVSS8.2AI score0.01571EPSS
Exploits0Affected Software2
Rows per page
Query Builder