SUSE: Security Advisory (SUSE-SU-2022:3212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3212-1 Security update for rubygem-rake
This update for rubygem-rake fixes the following issues: - CVE-2020-8130: Fixed a command injection when supplying a filename that began with the pipe character bsc1164804...
Fedora: Security Advisory for golang-github-magefile-mage (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: golang-github-magefile-mage-1.11.0-5.fc35
A Make/rake-like dev tool using Go...
Fedora: Security Advisory for golang-github-magefile-mage (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1016)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2022-1036)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
Mageia: Security Advisory (MGASA-2020-0121)
The remote host is missing an update for the...
rake: OS Command Injection via egrep in Rake::FileList
There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |...
[SECURITY] Fedora 34 Update: rubygem-railties-6.1.2.1-2.fc34
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...
The vulnerability of the Rake::FileList class implementation in the Rake tool for automating the compilation of software code allows an attacker to execute arbitrary commands.
The vulnerability of the Rake::FileList class implementation in the Rake tool for automating the compilation of software code is related to the lack of measures taken to eliminate special elements used in operating system commands. Exploiting this vulnerability allows an attacker to execute...
EulerOS Virtualization 3.0.6.6 : ruby (EulerOS-SA-2020-2460)
According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pi...
[SECURITY] Fedora 33 Update: rubygem-railties-6.0.3.3-1.fc33
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...
EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)
According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an...
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1944)
According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
Amazon Linux AMI : rubygem24-rake (ALAS-2020-1385)
The version of rubygem24-rake installed on the remote host is prior to 12.0.0-1.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1385 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begin...
Amazon Linux AMI : rubygem-rake (ALAS-2020-1384)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1384 advisory. There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Tenable has extracted the preceding...
Medium: rubygem-rake
Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem-rake Issue Correction: Run yum update rubygem-rake or yum update --advisory ALAS-2020-1384...
Medium: rubygem24-rake
Issue Overview: There is an OS command injection vulnerability in Ruby Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. CVE-2020-8130 Affected Packages: rubygem24-rake Issue Correction: Run yum update rubygem24-rake or yum update --advisory...
Fedora: Security Advisory for rubygem-rake (FEDORA-2020-dc1ae17bb5)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...