286 matches found
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1941)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1967)
The remote host is missing an update for the Huawei EulerOS...
Medium: ruby
Issue Overview: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific...
OPENSUSE-SU-2025:15382-1 ruby3.4-rubygem-thor-1.4.0-1.1 on GA media
These are all security issues fixed in the ruby3.4-rubygem-thor-1.4.0-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-XH69-987W-HRP8 vulnerabilities
Vulnerabilities for packages: jruby, ruby...
Directory Traversal
Overview: measured is a package containing wrapper objects which encapsulate measurements and their associated units in Ruby. Affected versions of this package are vulnerable to Directory Traversal when initializing the Measured::Cache::Json class. An attacker can access arbitrary files by supplyi...
CVE-2025-6442 affecting package ruby for versions less than 3.3.5-4
CVE-2025-6442 affecting package ruby for versions less than 3.3.5-4. A patched version of the package is available...
CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1
CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to multiple Vulnerabilities due to Ruby package
Summary: Potential vulnerabilities in the Ruby package have been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2020-10663. DESCRIPTION: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through...
Photon OS 4.0: Ruby PHSA-2025-4.0-0813
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0813. The text itself is copyright (C) VMware, Inc...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1642)
The remote host is missing an update for the Huawei EulerOS...
Important Photon OS Security Update - PHSA-2025-4.0-0813
Updates of 'ruby', 'systemd' packages of Photon OS have been released...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1625)
The remote host is missing an update for the Huawei EulerOS...
Fedora: Security Advisory (FEDORA-2024-cfcd6258fa)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-8a931e76d2)
The remote host is missing an update for the...
CVE-2022-45301
Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grant all users in the Authenticated Users group write privileges for the path C:\tools\ruby31 and all files located in that folder...
ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media (moderate)
ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media. Announcement ID: openSUSE-SU-2025:15130-1. Rating: moderate. Cross-References: CVE-2020-7663. CVSS scores: CVE-2020-7663 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L. Affected Products: openSUSE Tumbleweed. An update that solves on...
OPENSUSE-SU-2025:15120-1 ruby3.4-rubygem-loofah-2.23.1-1.3 on GA media
These are all security issues fixed in the ruby3.4-rubygem-loofah-2.23.1-1.3 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15125-1 ruby3.4-rubygem-rails-html-sanitizer-1.6.0-1.7 on GA media
These are all security issues fixed in the ruby3.4-rubygem-rails-html-sanitizer-1.6.0-1.7 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15126-1 ruby3.4-rubygem-rubyzip-2.3.2-1.17 on GA media
These are all security issues fixed in the ruby3.4-rubygem-rubyzip-2.3.2-1.17 package on the GA media of openSUSE Tumbleweed...