OSV
added 2024/06/15 12:00 a.m.

OPENSUSE-SU-2024:11348-1 ruby2.7-rubygem-rails-6.0-6.0.4-1.2 on GA media

These are all security issues fixed in the ruby2.7-rubygem-rails-6.0-6.0.4-1.2 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 7.1 | EPSS 0.94318
Exploits 19 | References 2
RedHat Linux
added 2024/06/06 9:32 a.m.

ruby: RCE vulnerability with .rdoc_options in RDoc

A flaw was found in the RDoc RubyGem. When parsing the .rdoc_options file used for RDoc configuration as a YAML document, there are no restrictions on the classes that can be restored. This issue may lead to object injection, resulting in remote code execution...

CVSS 4.5 | AI score 7.6 | EPSS 0.02532
Exploits 0 | References 5
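The RDoc entry above turns on one distinction: a YAML loader that honours every class tag in the document versus one that restores only an allow-listed set. The example below is added here and is not RDoc's code; the Payload class, the document it parses and the function names are constructed for the demo, with Payload standing in for any class whose construction has side effects.

```ruby
# Added example (not RDoc's own code): restoring arbitrary Ruby objects from a
# YAML config file versus restoring only allow-listed classes. Payload is a
# hypothetical class and UNTRUSTED_OPTIONS a constructed ".rdoc_options".
require 'yaml'

class Payload
  attr_reader :cmd
end

# Constructed ".rdoc_options"-style document that smuggles in an object tag.
UNTRUSTED_OPTIONS = <<~YAML
  --- !ruby/object:Payload
  cmd: id
YAML

# Pre-fix pattern: every tag in the document is honoured, so the attacker picks
# the class that gets instantiated. YAML.load behaved this way in Psych < 4;
# Psych 4 renamed it unsafe_load and made load safe by default.
def load_unsafely(yaml)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(yaml) : YAML.load(yaml)
end

# Hardened pattern: only classes in permitted_classes may be restored; any other
# tag raises Psych::DisallowedClass before an object is allocated. Aliases are
# disabled too, which also blocks alias-expansion (billion laughs) documents.
def load_safely(yaml, permitted: [Symbol])
  YAML.safe_load(yaml, permitted_classes: permitted, aliases: false)
end

if __FILE__ == $PROGRAM_NAME
  obj = load_unsafely(UNTRUSTED_OPTIONS)
  puts "unsafe loader built a #{obj.class} with cmd=#{obj.cmd.inspect}"
  begin
    load_safely(UNTRUSTED_OPTIONS)
  rescue Psych::DisallowedClass => e
    puts "safe loader refused: #{e.message}"
  end
end
```

The point of the allow-list is that it is the application, not the document, that decides which classes exist after parsing; a config file that legitimately needs a custom options class adds exactly that class to permitted_classes and nothing else.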
NVD
added 2024/05/19 8:15 p.m.

CVE-2024-36078

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes which run with the environment and permissions of the Zammad user...

CVSS 6.7 | AI score 6.7 | EPSS 0.0009
Exploits 0 | References 1
CVE
added 2024/05/19 7:36 p.m.

CVE-2024-36078

The CVE-2024-36078 issue affects Zammad prior to 6.3.1, where a bundled Ruby gem is installed with world-writable permissions. This enables a local attacker on the server to modify the gem’s files and inject arbitrary code into Zammad processes running under the Zammad user’s environment, potenti...

CVSS 6.7 | AI score 6.9 | EPSS 0.0009
Exploits 0 | References 1 | Affected Software 1
Positive Technologies
added 2024/05/19 12:00 a.m.

PT-2024-26886 · Zammad · Zammad

Name of the Vulnerable Software and Affected Versions: Zammad versions prior to 6.3.1 Description: A Ruby gem bundled by Zammad is installed with world-writable file permissions, allowing a local attacker on the server to modify the gem's files and inject arbitrary code into Zammad processes. The...

CVSS 6.7 | AI score 7.5 | EPSS 0.0009
Exploits 0 | References 5
OSV
added 2024/05/16 4:15 p.m.

DEBIAN-CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML document that has many '<' characters in an attribute value. Those who need to parse untrusted XML may be affected by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...

CVSS 5.3 | AI score 6.2 | EPSS 0.08428
Exploits 1 | References 1
RedHat Linux
added 2024/04/23 4:29 p.m.

rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing

A denial of service (DoS) vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted Content-Type headers can cause Rack's media type parser to take much longer than expected, leading to a possible denial of service...

CVSS 7.5 | AI score 6.6 | EPSS 0.0045
Exploits 1 | References 5
Github Security Blog
added 2024/03/15 7:53 p.m.

TurboBoost Commands vulnerable to arbitrary method invocation

Impact: TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren't as robust as they should be. It's possible for a sophisticated attacker to invoke more methods than should be permitted dependi...

CVSS 8.1 | AI score 7.2 | EPSS 0.00772
Exploits 0 | References 6 | Affected Software 2
CNNVD
added 2024/02/29 12:00 a.m.

json-jwt gem for Ruby Security Vulnerability

The json-jwt gem for Ruby is a Ruby implementation of JSON Web Tokens. A security vulnerability exists in version 1.16.3 of the json-jwt gem: identity checks can be bypassed via a signature/cryptographic obfuscation attack...

CVSS 8.4 | AI score 6.7 | EPSS 0.00011
Exploits 1 | References 3
RedhatCVE
added 2024/02/26 9:03 p.m.

CVE-2024-27456

An insecure file permission flaw was found in rack-cors. The permissions for .rb files distributed with rack-cors ruby gem are set to 0666 by default, which may allow users with low privileges to edit files. This issue impacts integrity, confidentiality, and availability...

CVSS 7.8 | AI score 6.8 | EPSS 0.00152
Exploits 1 | References 3
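The Zammad entries (CVE-2024-36078) and this rack-cors entry (CVE-2024-27456) are the same defect: gem files installed with permission bits that let other local users write them, so anyone on the host can plant code that the application loads as itself. The scan below is added here and is not part of Zammad, rack-cors or any of the advisories; it walks every gem RubyGems knows about and reports entries whose mode allows writes by "other" (and, optionally, by group). Function names and the report layout are the author's own.

```ruby
# Added example (not Zammad's, rack-cors's or any advisory's code): report gem
# files whose permission bits let other users modify them. Run it as the
# account that loads the gems (for Zammad, the Zammad user).
require 'rubygems'

# Return [path, mode] for each non-symlink entry under +root+ whose permission
# bits allow writes by "other" (0o002) or, with include_group: true, by group
# (0o020) as well. Symlinks are skipped: their own mode bits are meaningless.
def writable_by_others(root, include_group: false)
  mask = include_group ? 0o022 : 0o002
  hits = []
  Dir.glob(File.join(root, '**', '*'), File::FNM_DOTMATCH).each do |path|
    next if %w[. ..].include?(File.basename(path))
    st = File.lstat(path)
    next if st.symlink?
    hits << [path, st.mode & 0o7777] if (st.mode & mask) != 0
  end
  hits.sort
end

# Map "name-version" => hits for every installed gem that has at least one.
def scan_installed_gems(include_group: false)
  Gem::Specification.each_with_object({}) do |spec, report|
    hits = writable_by_others(spec.full_gem_path, include_group: include_group)
    report[spec.full_name] = hits unless hits.empty?
  end
end

if __FILE__ == $PROGRAM_NAME
  report = scan_installed_gems
  if report.empty?
    puts 'no world-writable gem files found'
  else
    report.each do |gem_name, hits|
      puts gem_name
      hits.each { |path, mode| puts format('  %04o %s', mode, path) }
    end
  end
end
```

A hit under a gem that the application's own user cannot otherwise write to is the condition both advisories describe; the fix in each case is the same chmod (0644 for files, 0755 for directories) followed by a check that the installer's umask will not recreate the problem on the next upgrade.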
RedHat Linux
added 2023/11/08 2:26 p.m.

rubygem-activerecord: SQL Injection

A flaw was found in the activerecord RubyGem, which is vulnerable to SQL injection. This flaw allows a remote attacker to send specially crafted SQL statements via comments, allowing the attacker to view, add, modify, or delete information in the back-end database...

CVSS 8.8 | AI score 6.8 | EPSS 0.05757
Exploits 1 | References 5
RedHat Linux
added 2023/11/08 2:26 p.m.

rubygem-rack: Denial of service in Multipart MIME parsing

A flaw was found in rubygem-rack. This issue occurs in the Multipart MIME parsing code in Rack, which limits the number of file parts but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than...

CVSS 7.5 | AI score 6.6 | EPSS 0.01982
Exploits 0 | References 6
OSV
added 2023/08/04 6:15 p.m.

AZL-27830 CVE-2023-38697 affecting package rubygem-protocol-http1 for versions less than 0.15.1-1

protocol-http1 provides a low-level implementation of the HTTP/1 protocol. RFC 9112 Section 7.1 defines the format of the chunk size, chunk data and chunk extension. The value of the Content-Length header should be a string of 0-9 digits, and the chunk size should be a string of hex digits and should split...

CVSS 5.3 | AI score 6.1 | EPSS 0.00182
Exploits 0 | References 1
OSSF Malicious Packages
added 2023/07/17 6:15 a.m.

Malicious code in systemd-daemon (RubyGems)

Source: ossf-package-analysis 41aacbd733d26afad7933e31f87d51fa0d748969082bd229cc90b3bdbf2d7b9b. The OpenSSF Package Analysis project identified 'systemd-daemon' @ 0.0.1 (rubygems) as malicious. It is considered malicious because: - The packag...

AI score 6.9
Exploits 0
Tenable Nessus
added 2023/06/27 12:00 a.m.

CentOS 8 : ruby:2.7 (CESA-2023:3821)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3821 advisory. - The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that...

CVSS 8.8 | AI score 8 | EPSS 0.011
Exploits 1 | References 4
OSV
added 2023/05/27 7:15 p.m.

DEBIAN-CVE-2015-20108

xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...

CVSS 9.8 | AI score 8 | EPSS 0.01183
Exploits 0 | References 1
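The ruby-saml entry describes XPath injection: a caller-controlled string spliced into an XPath expression, where a quote character ends the literal and the remainder becomes query syntax. The example below is added here and is not ruby-saml's code; it shows the injectable shape next to the bound-variable form using REXML, with a constructed SAML-style attribute statement as input and function names chosen for the demo.

```ruby
# Added example (not ruby-saml's code): XPath injection through string
# interpolation versus binding the value as an XPath variable with REXML.
# ASSERTION is a constructed document; the function names are the author's.
require 'rexml/document'

# Constructed SAML-style attribute statement.
ASSERTION = REXML::Document.new(<<~XML)
  <Assertion>
    <AttributeStatement>
      <Attribute Name="email"><AttributeValue>alice@example.com</AttributeValue></Attribute>
      <Attribute Name="role"><AttributeValue>user</AttributeValue></Attribute>
      <Attribute Name="is_admin"><AttributeValue>true</AttributeValue></Attribute>
    </AttributeStatement>
  </Assertion>
XML

# Vulnerable: the caller-supplied attribute name is spliced into the XPath
# string, so a quote in it ends the literal and the rest becomes XPath syntax.
def attribute_value_injectable(doc, name)
  node = REXML::XPath.first(doc, "//Attribute[@Name='#{name}']/AttributeValue")
  node && node.text
end

# Hardened: the name is bound as an XPath variable ($name). REXML substitutes
# the value at evaluation time, so quotes and operators in it stay data.
def attribute_value_safe(doc, name)
  node = REXML::XPath.first(doc, '//Attribute[@Name=$name]/AttributeValue', {}, { 'name' => name })
  node && node.text
end

# An input that turns the predicate into "@Name='x' or @Name='is_admin'".
INJECTED_NAME = "x' or @Name='is_admin"

if __FILE__ == $PROGRAM_NAME
  puts "injectable: #{attribute_value_injectable(ASSERTION, INJECTED_NAME).inspect}"
  puts "safe:       #{attribute_value_safe(ASSERTION, INJECTED_NAME).inspect}"
end
```

With the injected name the interpolated query returns the is_admin value even though no attribute by that name was asked for; the bound-variable query returns nil because it looks for an attribute literally called "x' or @Name='is_admin". Variable binding is the XPath analogue of the prepared statements the advisory mentions.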
RedHat Linux
added 2023/04/25 8:31 a.m.

rubygem-rack: Denial of service in Multipart MIME parsing

A flaw was found in rubygem-rack. This issue occurs in the Multipart MIME parsing code in Rack, which limits the number of file parts but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than...

CVSS 7.5 | AI score 6.6 | EPSS 0.01982
Exploits 0 | References 6
SUSE CVE
added 2023/02/15 5:39 a.m.

SUSE CVE-2013-2119

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

CVSS 4.6 | AI score 6.7 | EPSS 0.00056
Exploits 0 | References 6
SUSE CVE
added 2023/02/15 5:36 a.m.

SUSE CVE-2013-4136

ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/...

CVSS 4.4 | AI score 7.2 | EPSS 0.00044
Exploits 0 | References 6
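Both Passenger entries (CVE-2013-2119 and CVE-2013-4136) come down to a temporary directory whose name a local user can guess and pre-create, or replace with a symlink, before the privileged process uses it. The example below is added here and is not Passenger's code; it shows the predictable-name shape beside a Dir.mktmpdir-based replacement and the lstat check that rejects a planted symlink or a loosely permissioned directory. Path names and helper names are the author's own.

```ruby
# Added example (not Passenger's code): the predictable /tmp name the two
# advisories describe, and the create-then-verify pattern that defeats it.
require 'tmpdir'
require 'fileutils'

# The vulnerable shape: a name any local user can predict (here from a process
# id) inside the shared temp directory. Whoever creates it first, or plants a
# symlink under that name, controls what the privileged process writes into.
def predictable_dir(base = Dir.tmpdir, tag = 'app')
  File.join(base, "#{tag}.#{Process.pid}")
end

# Is +path+ a directory we own that nobody else can write to? lstat is used so
# a symlink is seen as a symlink rather than as whatever it points at.
def safe_to_use?(path)
  st = File.lstat(path)
  st.directory? && st.uid == Process.euid && (st.mode & 0o022).zero?
rescue Errno::ENOENT
  false
end

# The hardened shape: an unpredictable name created atomically with mode 0700
# by Dir.mktmpdir, then verified before anything is written into it.
def secure_private_dir(prefix = 'app')
  dir = Dir.mktmpdir(prefix)
  raise "refusing to use #{dir}: unexpected owner, mode or type" unless safe_to_use?(dir)
  dir
end

if __FILE__ == $PROGRAM_NAME
  puts "predictable: #{predictable_dir}"
  dir = secure_private_dir
  puts "private:     #{dir} (mode #{format('%04o', File.stat(dir).mode & 0o777)})"
  FileUtils.rm_rf(dir)
end
```

The check matters even after mktmpdir: it is what turns "we created a directory" into "the directory we are about to write to is the one we created", which is the property the symlink variant (CVE-2013-4136) breaks.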
SUSE CVE
added 2023/02/15 5:35 a.m.

SUSE CVE-2013-4562

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter...

CVSS 6.8 | AI score 6.8 | EPSS 0.00481
Exploits 1 | References 3
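The omniauth-facebook entry is about the OAuth 2.0 state parameter: it only prevents login CSRF if the value is random, stored in the user's own session before the redirect, and compared against what the provider echoes back on the callback. The example below is added here and is not omniauth-facebook's code; the session hash, parameter names, URL and helper names are the author's assumptions for the demo.

```ruby
# Added example (not omniauth-facebook's code): issue a random OAuth "state",
# keep it in the session, and verify it once on the callback. The session is a
# plain Hash standing in for the Rack session; names are the author's.
require 'securerandom'
require 'uri'

STATE_KEY = 'omniauth.state'

# Generate a fresh random state and remember it in the session.
def issue_state(session)
  session[STATE_KEY] = SecureRandom.hex(24)
end

# Build the redirect to the provider; the state rides along as a query param.
def authorize_url(session, client_id:, redirect_uri:)
  query = URI.encode_www_form(client_id: client_id, redirect_uri: redirect_uri,
                              response_type: 'code', state: issue_state(session))
  "https://www.facebook.com/dialog/oauth?#{query}"
end

# Length-checked, constant-time byte comparison so the stored value cannot be
# recovered byte by byte from response timing.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# On callback: the state is consumed from the session (single use) and must
# match what the provider echoed back. A callback forged by an attacker cannot
# match a state that only exists in the victim's session.
def callback_state_valid?(session, params)
  expected = session.delete(STATE_KEY)
  received = params['state']
  return false if expected.nil? || received.nil?
  constant_time_equal?(expected, received)
end
```

The two properties the advisory's wording points at are both here: the value is bound to the session that started the flow ("properly store the session parameter"), and it is deleted on first use so a replayed callback fails even with a correct state.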