684 matches found
Malicious code in activerecord-msgpack-serializer (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in activerecord-pluck-in_batches (RubyGems)
Malicious code in activerecord-json_validator (RubyGems)
Malicious code in activerecord-forbid-implicit_connection_checkout (RubyGems)
Malicious code in activemodel-ipaddr-validator (RubyGems)
Malicious code in active_model-email-validator (RubyGems)
Malicious code in active-model_serializers_matchers (RubyGems)
Malicious code in active-model_serializers_cancancan (RubyGems)
Malicious code in active-model_serializers-hash_wrapper (RubyGems)
Malicious code in active-admin_filters_visibility (RubyGems)
Malicious code in actionmailer-inline_css (RubyGems)
Malicious code in abbyy_ruby (RubyGems)
Malicious code in a1510jy-bmi (RubyGems)
OPENSUSE-SU-2024:11324-1 ruby2.7-rubygem-activemodel-5.2-5.2.6-1.2 on GA media
These are all security issues fixed in the ruby2.7-rubygem-activemodel-5.2-5.2.6-1.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11348-1 ruby2.7-rubygem-rails-6.0-6.0.4-1.2 on GA media
These are all security issues fixed in the ruby2.7-rubygem-rails-6.0-6.0.4-1.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11320-1 ruby2.7-rubygem-actionview-5.2-5.2.6-1.2 on GA media
These are all security issues fixed in the ruby2.7-rubygem-actionview-5.2-5.2.6-1.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11314-1 ruby2.7-rubygem-actionmailbox-6.0-6.0.4-1.2 on GA media
These are all security issues fixed in the ruby2.7-rubygem-actionmailbox-6.0-6.0.4-1.2 package on the GA media of openSUSE Tumbleweed...
ruby: RCE vulnerability with .rdoc_options in RDoc
A flaw was found in Rubygem RDoc. When parsing .rdoc_options, used for configuration in RDoc, as a YAML file, there are no restrictions on the classes that can be restored. This issue may lead to object injection, resulting in remote code execution...
CVE-2024-35221 Denial of service when publishing a package on rubygems.org
Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.from_yaml. from_yaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...
rubygem-rack: Possible DoS Vulnerability with Range Header in Rack
A denial of service (DoS) vulnerability was found in rubygem-rack in how it parses the Range header. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with large responses could lead to a denial of service issue...