6 matches found
MiracleLinux 7 : rh-ruby27-ruby-2.7.4-130.el7 (AXSA:2021-2423:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2423:02 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...
MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...
SUSE-SU-2022:1512-1 Security update for ruby2.5
This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion bsc1198441. - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods bsc1193035. - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in...
RHEL 8 : ruby:2.6 (RHSA-2022:0581)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0581 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
ruby:2.7 security update
ruby 2.7.4-137 - Upgrade to Ruby 2.7.4. - Fix command injection vulnerability in RDoc. Resolves: rhbz1986768 - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: rhbz1986812 - Fix StartTLS stripping vulnerability in Net::IMAP. Resolves: rhbz1986813 - Upgrade ...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...