Lucene search
K

119 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

AlmaLinux 10 : ruby (ALSA-2026:18065)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18065 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.9 views

RockyLinux 9 : ruby (RLSA-2026:18039)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18039 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.12 views

AlmaLinux 9 : ruby (ALSA-2026:18039)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18039 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References3
OSV
OSV
added 2026/05/18 6:3 p.m.10 views

RLSA-2026:18030 Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/18 1:12 p.m.14 views

Important: Red Hat Security Advisory: ruby:3.3 security update

An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/18 12:50 p.m.14 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/18 12:50 p.m.14 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/05/18 12:0 a.m.14 views

ruby security update

3.3.10-12 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171244...

8.1CVSS6.3AI score0.01131EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/05/18 12:0 a.m.12 views

Important: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.11 views

Oracle Linux 10 : ruby (ELSA-2026-18065)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18065 advisory. 3.3.10-12 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171244 Tenable has extracted the preceding descripti...

8.1CVSS6.4AI score0.01131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.11 views

RHEL 9 : ruby (RHSA-2026:18039)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18039 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.8 views

RHEL 10 : ruby (RHSA-2026:18065)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18065 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.9 views

RHEL 9 : ruby:3.3 (RHSA-2026:18030)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18030 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.10 views

RockyLinux 9 : ruby:3.3 (RLSA-2026:18030)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18030 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References3
Amazon
Amazon
added 2026/05/15 12:0 a.m.11 views

Important: ruby3.4

Issue Overview: ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other...

8.1CVSS6.2AI score0.01131EPSS
Exploits0
Amazon
Amazon
added 2026/05/14 12:0 a.m.17 views

Important: ruby

Issue Overview: ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other...

8.1CVSS6.2AI score0.01131EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.10 views

Amazon Linux 2 : ruby, --advisory ALAS2-2026-3284 (ALAS-2026-3284)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3284 advisory. ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance...

8.1CVSS6AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

TencentOS Server 4: ruby (TSSA-2026:0297)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0297 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.1CVSS6.1AI score0.01131EPSS
Exploits0References2
OSV
OSV
added 2026/05/09 12:33 p.m.8 views

OESA-2026-2263 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org...

8.1CVSS6.1AI score0.01131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-016801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016801 advisory. ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to...

8.1CVSS6AI score0.01131EPSS
Exploits0References4
Rows per page
Query Builder