Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : ruby-3.0.7-162.el9_4 (AXSA:2024-8427:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8427:02 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS8.3AI score0.02637EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/20 6:47 a.m.8 views

Security Bulletin: IBM Cloud Pak for Data Object Injection due to YAML Parsing in RDoc gem (CVE-2024-27281)

Summary Potential vulnerabilities in rdoc module CVE-2024-27281 has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-27281 DESCRIPTION: An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in...

4.5CVSS8.5AI score0.01571EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.10 views

RockyLinux 8 : ruby:3.0 (RLSA-2024:3500)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3500 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

9.8CVSS7.6AI score0.02637EPSS
Exploits1References13
OpenVAS
OpenVAS
added 2025/02/11 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-6838-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.5CVSS7.4AI score0.01571EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/02/10 5:54 p.m.9 views

USN-6838-2: Ruby vulnerability

USN-6838-1 fixed CVE-2024-27281 in Ruby 2.7, Ruby 3.0, Ruby 3.1, and Ruby 3.2. This update provides the corresponding updates for Ruby 2.3 and Ruby 2.5. Original advisory details: It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked in...

4.5CVSS7.5AI score0.01571EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Ubuntu 16.04 LTS / 18.04 LTS : Ruby vulnerability (USN-6838-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6838-2 advisory. USN-6838-1 fixed CVE-2024-27281 in Ruby 2.7, Ruby 3.0, Ruby 3.1, and Ruby 3.2. This update provides the corresponding updates for Ruby 2.3 and Ruby 2....

4.5CVSS6.9AI score0.01571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

Azure Linux 3.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

4.5CVSS7.7AI score0.01571EPSS
Exploits0References2
Amazon
Amazon
added 2024/09/18 12:0 a.m.23 views

Medium: ruby

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 Affected Packages: ruby Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

4.5CVSS7.8AI score0.01571EPSS
Exploits0
Amazon
Amazon
added 2024/09/18 12:0 a.m.7 views

Medium: ruby

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 Affected Packages: ruby Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

4.5CVSS7AI score0.01571EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/09/03 12:0 a.m.28 views

Debian: Security Advisory (DLA-3858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.04127EPSS
Exploits1References2
Debian
Debian
added 2024/09/02 12:46 p.m.41 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

9.8CVSS8.4AI score0.04127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/02 12:0 a.m.37 views

Debian dla-3858 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...

9.8CVSS8.6AI score0.04127EPSS
Exploits1References18
CBLMariner
CBLMariner
added 2024/08/25 3:13 p.m.20 views

CVE-2024-27281 affecting package ruby for versions less than 3.3.3-1

CVE-2024-27281 affecting package ruby for versions less than 3.3.3-1. An upgraded version of the package is available that resolves this issue...

4.5CVSS7.1AI score0.01571EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/21 12:0 a.m.27 views

EulerOS Virtualization 2.11.0 : ruby (EulerOS-SA-2024-2199)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files...

9.8CVSS6.9AI score0.02364EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.02364EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.02364EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/21 12:0 a.m.34 views

CBL Mariner 2.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

4.5CVSS7.7AI score0.01571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.31 views

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2226)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syst...

9.8CVSS7AI score0.02364EPSS
Exploits0References4
Amazon
Amazon
added 2024/08/19 12:0 a.m.9 views

Medium: ruby3.2

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Affected Packages: ruby3.2 Issue Correction: Run dnf update ruby3.2 --releasever 2023.5.20240819 or dnf update --advisory...

6.6CVSS6.8AI score0.01571EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2024/07/25 12:0 a.m.39 views

USN-6838-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use...

6.6CVSS8.2AI score0.01571EPSS
Exploits0Affected Software2
Rows per page
Query Builder