EUVD-2021-1374

Malware in sbrugna...

EUVD-2021-0941

Malware in sbrugna...

EUVD-2023-1827

Malicious code in bioql PyPI...

EUVD-2023-1038

Malicious code in bioql PyPI...

RockyLinux 9 : ruby (RLSA-2025:4487)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4487 advisory. CGI: ReDoS in CGI::UtilescapeElement CVE-2025-27220 CGI: Denial of Service in CGI::Cookie.parse CVE-2025-27219 Tenable has extracted the preceding...

NewStart CGSL MAIN 7.02 : ruby Multiple Vulnerabilities (NS-SA-2025-0116)

The remote NewStart CGSL host, running version MAIN 7.02, has ruby packages installed that are affected by multiple vulnerabilities: - A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increa...

TencentOS Server 4: python-pygments (TSSA-2025:0126)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0126 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: ruby:3.0 (TSSA-2024:0234)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0234 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Azure Linux 3.0 Security Update: nodejs / python-jinja2 (CVE-2020-28493)

The version of nodejs / python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28493 advisory. - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is...

Linux Distros Unpatched Vulnerability : CVE-2022-40896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer. CVE-2022-40896 Note that Nessus relies on the presence of...

RHEL 7 : python3 (RHSA-2025:1750)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1750 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Medium: ruby3.2

Issue Overview: A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396parser.rb and rfc3986parser.rb. NOTE: this issue...

BIT-RUBY-MIN-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

RLSA-2024:10850 Important: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability CVE-2024-49761 For more details about the security issues, including the impact, a CVSS score,...

RHEL 8 : python39:3.9 (RHSA-2024:8504)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8504 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

AlmaLinux 8 : ruby:3.1 (ALSA-2024:1431)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1431 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability - upstream's...

BIT-RUBY-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

Fedora 38 : mingw-python-pygments (2024-db87ce2a47)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-db87ce2a47 advisory. Update to 2.15.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

PT-2024-40224 · Unknown · Nodemailer

Name of the Vulnerable Software and Affected Versions: nodemailer affected versions not specified Description: A ReDoS vulnerability occurs when nodemailer tries to parse img files with the parameter attachDataUrls set, causing the event loop to become stuck. Another flaw was found when nodemaile...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2851)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...