Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 6 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Command injection vulnerability in Net::FTP CVE-2017-17405 - ruby: OpenSSL::X509::Name equality che...

9.8CVSS8.4AI score0.73927EPSS
Exploits10References18
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.43 views

RHEL 5 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Command injection vulnerability in Net::FTP CVE-2017-17405 - ruby: OpenSSL::X509::Name equality che...

9.8CVSS8.4AI score0.73927EPSS
Exploits12References20
Cvelist
Cvelist
added 2017/03/29 2:0 p.m.46 views

CVE-2009-5147

DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...

7.3AI score0.07766EPSS
Exploits0References6
Amazon
Amazon
added 2016/01/18 12:0 a.m.37 views

Low: ruby19, ruby20, ruby21, ruby22

Issue Overview: DL::dlopen could open a library with tainted library name even if $SAFE 0. Affected Packages: ruby19, ruby20, ruby21, ruby22 Issue Correction: Run yum update ruby19 or yum update --advisory ALAS-2016-632 to update your system. Run yum update ruby20 or yum update --advisory...

8.4CVSS8.1AI score0.005EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/08/27 12:0 a.m.29 views

Debian DLA-300-1 : ruby1.9.1 security update

'sheepman' fixed a vulnerability in Ruby 1.9.1: DL::dlopen could open a library with tainted name even if $SAFE 0. For Debian 6 'Squeeze', this issue has been fixed in ruby1.9.1 1.9.2.0-2+deb6u7 NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...

7.5CVSS6.7AI score0.07766EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/08/27 12:0 a.m.32 views

Debian DLA-299-1 : ruby1.8 security update

'sheepman' fixed a vulnerability in Ruby 1.8: DL::dlopen could open a library with tainted name even if $SAFE 0. For Debian 6 'Squeeze', this issue has been fixed in ruby1.8 1.8.7.302-2squeeze5. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...

7.5CVSS6.7AI score0.07766EPSS
Exploits0References3
RubySec
RubySec
added 2009/05/12 12:0 a.m.28 views

Ruby DL::dlopen could open a library with tainted library name even if $SAFE > 0

DL::dlopen could open a library with tainted library name even if $SAFE 0...

7.5CVSS1.9AI score0.07766EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder