Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.22 views

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2517)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...

4.3CVSS6.5AI score0.00494EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.19 views

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2542)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...

4.3CVSS6.5AI score0.00494EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2568)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS5.1AI score0.02064EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.24 views

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2452)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract...

6.6CVSS7.6AI score0.00629EPSS
Exploits0References3
NVD
NVD
added 2024/05/29 9:15 p.m.24 views

CVE-2024-35221

Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.fromyaml. fromyaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...

4.3CVSS4.6AI score0.00494EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/29 8:18 p.m.25 views

CVE-2024-35221 Denial of service when publishing a package on rubygems.org

Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.fromyaml. fromyaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...

4.3CVSS7AI score0.00494EPSS
Exploits0References3
CVE
CVE
added 2024/05/29 8:18 p.m.86 views

CVE-2024-35221

CVE-2024-35221 targets Rubygems.org’s gem publishing workflow. A Gem publisher could trigger a Remote DoS by publishing a Gem whose metadata is parsed with Gem::Specification.from_yaml, which uses SafeYAML.load and permits YAML aliases, enabling YAML-bomb style DoS. The issue is documented as pat...

4.3CVSS4.5AI score0.00494EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/29 8:18 p.m.63 views

CVE-2024-35221 Denial of service when publishing a package on rubygems.org

Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.fromyaml. fromyaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...

4.3CVSS4.6AI score0.00494EPSS
Exploits0References3
Rows per page
Query Builder