81 matches found
Important: Red Hat Security Advisory: Satellite 6.16.8 Async Update
An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
...
EUVD-2020-0305
Malware in sbrugna...
EUVD-2023-50476
Malicious code in bioql PyPI...
MAL-2024-6894 Malicious code in fig-rake (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in fig-rake (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in dot-rake_tasks_in_rails (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in cucumber-rake_runner (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in cordova_rake (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in capistrano_runit-rake (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6815 Malicious code in capistrano_runit-rake (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-46241
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
Design/Logic Flaw
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
OESA-2023-1627 rubygem-railties security update
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core; Security Fixes:...
[SECURITY] Fedora 37 Update: rubygem-railties-7.0.4.3-1.fc37
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...
[SECURITY] Fedora 38 Update: rubygem-railties-7.0.4.3-1.fc38
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...
SUSE CVE-2020-8130
There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |...
SUSE: Security Advisory (SUSE-SU-2022:3212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...