ruby:3.3 security update

ruby 3.3.10-5 - Upgrade to Ruby 3.3.10. Resolves: RHEL-127912 - Fix possible denial of service in resolv gem CVE-2025-24294 - Fix URI Credential Leakage Bypass previous fixes. CVE-2025-61594 - Fix REXML denial of service. CVE-2025-58767 Resolves: RHEL-122015 rubygem-mysql2 rubygem-pg...

Fedora: Security Advisory (FEDORA-2025-5805ed7a8f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : ruby (2025-28a9cec027)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-28a9cec027 advisory. - Upgrade to Ruby 3.4.7. - Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 - Fix REXML denial of service. Resolves:...

Fedora: Security Advisory (FEDORA-2025-b10099f608)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : ruby (2025-b10099f608)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b10099f608 advisory. Upgrade to Ruby 3.3.10. CVE-2025-58767 ruby: REXML denial of service rhbz2396203 Tenable has extracted the preceding description block directly from...

EUVD-2018-0191

Malware in sbrugna...

ruby:3.3 security update

ruby 3.3.8-4 - Upgrade to Ruby 3.3.8. Resolves: RHEL-68632 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 - Fix userinfo leakage in URIjoin, URImerge and URI+. CVE-2025-27221 rubygem-abrt 0.4.0-1 - Updat...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the blockformat helper. An attacker can craft specific input that triggers inefficient regular expression evaluation, causing the application to consume excessive resources and...

Regular Expression Denial of Service (ReDoS)

Overview actiontext is a package to edit and display rich text in Rails applications. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the plaintextforblockquotenode helper function due to the usage of an insecure regular expression. By...

SUSE-SU-2024:0076-1 Security update for hawk2

This update for hawk2 fixes the following issues: - Fixed HttpOnly secure flag by default bsc1216508. - Fixed CSRF in errorscontroller.rb protection bsc1216571. Update to version 2.6.4+git.1702030539.5fb7d91b: - Fix mime type issue in MS windows bsc1215438 - Parametrize CORS...