Lucene search
K

12 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/05/18 12:0 a.m.5 views

ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media (moderate)

ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media Announcement ID: openSUSE-SU-2025:15109-1 Rating: moderate Cross-References: CVE-2024-47889 CVSS scores: CVE-2024-47889 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

5.9CVSS7.3AI score0.00944EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:13 a.m.28 views

Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9.

Summary There are vulnerabilities in the Ruby On Rails component used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2024-47887 DESCRIPTION: railsis vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in HTTP Token authentication in Action...

8.7CVSS6.3AI score0.01103EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.8 views

Ubuntu: Security Advisory (USN-7290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS6.7AI score0.01103EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.14 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Rails vulnerabilities (USN-7290-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7290-1 advisory. It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker coul...

8.7CVSS6.1AI score0.01103EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2024/11/08 12:0 a.m.5 views

ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media (moderate)

ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14471-1 Rating: moderate Cross-References: CVE-2024-47889 CVSS scores: CVE-2024-47889 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

5.9CVSS5.6AI score0.00944EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/02 12:0 a.m.13 views

SUSE SLES15 Security Update : rubygem-actionmailer-5_1 (SUSE-SU-2024:3878-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3878-1 advisory. - CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Tenable has extracted the preceding description block...

8.7CVSS6.1AI score0.00944EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/10/18 12:0 a.m.23 views

actionmailer Ruby Library 3.x < 6.1.7.9 / 7.0.x < 7.0.8.5 / 7.1.x < 7.1.4.1 / 7.2.x < 7.2.1.1 DoS (CVE-2024-47889)

The version of the actionmailer Ruby library installed on the remote host is 3.x prior to 6.1.7.9, 7.0.x prior to 7.0.8.5, 7.1.x prior to 7.1.4.1 or 7.2.x prior to 7.2.1.1. It is, therefore, affected by a denial of service DoS vulnerability. The vulnerability lies in the blockformat helper of...

8.7CVSS6.4AI score0.00944EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/10/16 9:15 p.m.12 views

CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS6.4AI score0.00944EPSS
Exploits0References7
OSV
OSV
added 2024/10/15 11:35 p.m.15 views

GHSA-H47H-MWP9-C6Q6 Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS5.3AI score0.00944EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/10/15 11:35 p.m.22 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References3Affected Software1
RubySec
RubySec
added 2024/10/15 12:0 a.m.16 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS vulnerabilit...

8.7CVSS6.9AI score0.00944EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/15 12:0 a.m.30 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder