56 matches found
MiracleLinux 9 : ruby-3.0.7-162.el9_4 (AXSA:2024-8427:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8427:02 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...
RockyLinux 8 : ruby:3.0 (RLSA-2024:3500)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3500 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...
Azure Linux 3.0 Security Update: ruby (CVE-2024-27282)
The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27282 advisory. - An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2568)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2594)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2568)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : ruby (ALAS-2024-2637)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2637 advisory. A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using...
EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2452)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2429)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2452)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3858-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3858-1] ruby2.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...
Debian dla-3858 : libruby2.7 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...
CBL Mariner 2.0 Security Update: ruby (CVE-2024-27282)
The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27282 advisory. - An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex...
CVE-2024-27282 affecting package ruby for versions less than 3.3.3-1
CVE-2024-27282 affecting package ruby for versions less than 3.3.3-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2226)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2250)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2226)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syst...
Medium: ruby3.2
Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Affected Packages: ruby3.2 Issue Correction: Run dnf update ruby3.2 --releasever 2023.5.20240819 or dnf update --advisory...
USN-6838-1: Ruby vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use...