183 matches found

OSV
added 2024/12/05 12:0 a.m. | 18 views

ALSA-2024:10860 Important: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability (CVE-2024-49761). For more details about the security issues, including the impact, a CVSS score,...

CVSS 8.7 | AI score 7.7 | EPSS 0.01429
Exploits: 0 | References: 4

OSSF Malicious Packages
added 2024/11/27 6:19 a.m. | 5 views

Malicious code in ruby-lsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23d59cae1de4c2853d318ad10197c82dc6f10fe194854b704b477cc20b271184 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1

CNNVD
added 2024/10/15 12:0 a.m. | 5 views

Rails security vulnerability

Rails is a set of open source web application frameworks based on the Ruby language by the American Rails team. A security vulnerability exists in Rails. An attacker exploited the vulnerability to cause a denial of service on the system...

CVSS 8.7 | AI score 5.2 | EPSS 0.00944
Exploits: 0 | References: 3

OSV
added 2024/10/12 11:9 a.m. | 5 views

OESA-2024-2247 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request...

AI score 6.8 | EPSS 0.00395
Exploits: 0 | References: 2

BDU FSTEC
added 2024/09/24 12:0 a.m. | 2 views

The vulnerability of the XML tools for Ruby REXML, related to uncontrolled resource consumption, allows an attacker to cause a service failure.

The vulnerability of the XML tools for Ruby REXML is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 6.4 | EPSS 0.01283
Exploits: 0 | References: 5 | Affected Software: 4

Debian
added 2024/09/02 12:46 p.m. | 40 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

Debian LTS Advisory DLA-3858-1 | https://www.debian.org/lts/security/ | Sylvain Beucler | September 02, 2024 | https://wiki.debian.org/LTS ...

CVSS 9.8 | AI score 8.4 | EPSS 0.0387
Exploits: 1

OSV
added 2024/07/12 11:8 a.m. | 5 views

OESA-2024-1824 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1 | References: 2

Tenable Nessus
added 2024/07/11 12:0 a.m. | 9 views

Ruby Programming Language Installed (Linux)

Binary data rubynixinstalled.nbin...

AI score 7.3
Exploits: 0 | References: 1

OSV
added 2024/06/14 2:0 p.m. | 28 views

RLSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37697 Security Fixes: ruby: Buffer overread...

CVSS 6.6 | AI score 7.9 | EPSS 0.02364
Exploits: 0 | References: 4

RedHat Linux
added 2024/06/11 7:56 p.m. | 3 views

ruby: ReDoS vulnerability in URI

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This may result in a regular expression denial of service ReDoS...

CVSS 5.3 | AI score 7.5 | EPSS 0.02637
Exploits: 0 | References: 5

Tenable Nessus
added 2024/06/03 12:0 a.m. | 21 views

RHEL 8 : ruby:3.1 (RHSA-2024:3546)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3546 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 9.8 | AI score 7 | EPSS 0.02364
Exploits: 0 | References: 10

RedHat Linux
added 2024/05/30 1:22 p.m. | 6 views

ruby: ReDoS vulnerability in URI

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This may result in a regular expression denial of service ReDoS...

CVSS 5.3 | AI score 7.5 | EPSS 0.02637
Exploits: 0 | References: 5

AlmaLinux
added 2024/05/30 12:0 a.m. | 50 views

Moderate: ruby:3.0 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621); ruby: ReDoS vulnerability in URI (CVE-2023-28755); ruby: ReDoS...

CVSS 9.8 | AI score 6.7 | EPSS 0.02637
Exploits: 1 | References: 14

OSV
added 2024/05/17 11:8 a.m. | 5 views

OESA-2024-1607 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the...

CVSS 6.6 | AI score 6.8 | EPSS 0.00629
Exploits: 0 | References: 2

OSV
added 2024/05/17 11:8 a.m. | 5 views

OESA-2024-1608 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the...

CVSS 6.6 | AI score 6.8 | EPSS 0.00629
Exploits: 0 | References: 2

Debian
added 2024/05/03 7:47 p.m. | 29 views

[SECURITY] [DSA 5677-1] ruby3.1 security update

Debian Security Advisory DSA-5677-1 | https://www.debian.org/security/ | Moritz Muehlenhoff | May 03, 2024 | https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 9.2 | EPSS 0.02364
Exploits: 0

CNNVD
added 2024/04/17 12:0 a.m. | 2 views

phlex security vulnerability

phlex is a framework for building object-oriented views in Ruby. A security vulnerability exists in phlex that stems from a potential cross-site scripting XSS vulnerability...

CVSS 7.1 | AI score 6.3 | EPSS 0.00575
Exploits: 0 | References: 5

BDU FSTEC
added 2024/04/05 12:0 a.m. | 3 views

The vulnerability of the Sanitize::Config::RELAXED component in the Sanitize library for the Ruby programming language allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Sanitize::Config::RELAXED component in the Sanitize library for the Ruby programming language is related to the lack of measures taken to protect the structure of web pages when processing style elements. Exploiting this vulnerability allows a remote attacker to perform...

CVSS 7.5 | AI score 6.5 | EPSS 0.00603
Exploits: 0 | References: 5 | Affected Software: 2

AlmaLinux
added 2024/03/19 12:0 a.m. | 89 views

Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-28565 Security Fixes: ruby/cgi-gem: HTTP response...

CVSS 8.8 | AI score 7.2 | EPSS 0.02637
Exploits: 1 | References: 10

BDU FSTEC
added 2024/03/04 12:0 a.m. | 4 views

The vulnerability of the Rack module in the Ruby programming language involves the use of a regular expression that has an inefficient computational cost. This allows attackers to trigger a service failure.

The vulnerability of the Ruby interpreter’s Rack module is related to the incorrect handling of invalid URL addresses. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 5.3 | AI score 6.2 | EPSS 0.35376
Exploits: 1 | References: 11 | Affected Software: 5