ruby4.0-rubygem-actionmailer-8.0-8.0.3-1.3 on GA media (moderate)

ruby4.0-rubygem-actionmailer-8.0-8.0.3-1.3 on GA media Announcement ID: openSUSE-SU-2026:10337-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed ...

OPENSUSE-SU-2026:10362-1 ruby4.0-rubygem-railties-8.0-8.0.3-1.3 on GA media

These are all security issues fixed in the ruby4.0-rubygem-railties-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10350-1 ruby4.0-rubygem-jquery-rails-4.6.0-1.9 on GA media

These are all security issues fixed in the ruby4.0-rubygem-jquery-rails-4.6.0-1.9 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10354-1 ruby4.0-rubygem-minitar-0.9-1.21 on GA media

These are all security issues fixed in the ruby4.0-rubygem-minitar-0.9-1.21 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10339-1 ruby4.0-rubygem-actiontext-8.0-8.0.3-1.3 on GA media

These are all security issues fixed in the ruby4.0-rubygem-actiontext-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10367-1 ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media

These are all security issues fixed in the ruby4.0-rubygem-web-console-4.2.1-1.9 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10365-1 ruby4.0-rubygem-sprockets-3.7-3.7.5-1.5 on GA media

These are all security issues fixed in the ruby4.0-rubygem-sprockets-3.7-3.7.5-1.5 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10347-1 ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media

These are all security issues fixed in the ruby4.0-rubygem-globalid-1.2.1-1.9 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10341-1 ruby4.0-rubygem-activejob-8.0-8.0.3-1.3 on GA media

These are all security issues fixed in the ruby4.0-rubygem-activejob-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10348-1 ruby4.0-rubygem-grpc-1.70.1-1.7 on GA media

These are all security issues fixed in the ruby4.0-rubygem-grpc-1.70.1-1.7 package on the GA media of openSUSE Tumbleweed...

Critical Photon OS Security Update - PHSA-2026-5.0-0777

Updates of 'rubygem-nokogiri' packages of Photon OS have been released...

ROS-20260216-73-0002

Vulnerability in rubygem-activesupport related to incorrect assignment of permissions for a critical resource. Exploitation of the vulnerability could allow an attacker to escalate privileges...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-005348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005348 advisory. Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified...

AZL-77631 CVE-2026-25765 affecting package rubygem-faraday 2.7.10-1

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

EulerOS Virtualization 2.10.0 : yajl (EulerOS-SA-2026-1204)

According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes wi...

CVE-2021-33473

An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows attackers to read and write arbitrary files when the verifyurl option is disabled. This vulnerability is exploited via a crafted URL...

CVE-2019-18409

The rubyparser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

Moderate Photon OS Security Update - PHSA-2026-4.0-0942

Updates of 'aws-sdk-cpp', 'rubygem-aws-sdk-s3' packages of Photon OS have been released...

Malicious code in html_scrubber (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...