117 matches found
CVE-2025-27219 vulnerabilities
Vulnerabilities for packages: ruby, jruby, logstash, elasticsearch...
CVE-2025-27220 vulnerabilities
Vulnerabilities for packages: ruby, logstash, jruby...
GHSA-MHWM-JH88-3GJF vulnerabilities
Vulnerabilities for packages: ruby, logstash, jruby...
GHSA-GH9Q-2XRM-X6QV vulnerabilities
Vulnerabilities for packages: ruby, jruby, logstash, elasticsearch...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ruby2.5 (SUSE-SU-2025:0736-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0736-1 advisory. - CVE-2024-47220: Fixed a HTTP request smuggling attack in WEBrick bsc1230930 - CVE-2024-49761:...
GHSA-VVFQ-8HWR-QM4M vulnerabilities
Vulnerabilities for packages: ruby3.2-rails, logstash, ruby3.4-rails, ruby3.3-rails...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2025-1147)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between and x...; ...
Photon OS 5.0: Ruby PHSA-2025-5.0-0468
An update of the ruby package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0468. The text itself is copyright (C) VMware, Inc.
Ubuntu 20.04 LTS : Ruby vulnerabilities (USN-7256-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7256-1 advisory. It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An...
EulerOS 2.0 SP10 : ruby (EulerOS-SA-2025-1014)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header an...
RHSA-2024:10961 Red Hat Security Advisory: ruby security update
Bulletin has no description...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2972)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pul...
USN-7091-2: Ruby vulnerabilities
USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for CVE-2024-35176, CVE-2024-41123, CVE-2024-41946 and CVE-2024-49761 for ruby2.7 in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Ruby incorrectly handled parsing of an XML...
Ubuntu 20.04 LTS : Ruby vulnerabilities (USN-7091-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-2 advisory. USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for ruby2.7 in Ubuntu 20.04 LTS. Tenable has extracted th...
Fedora 41 : ruby (2024-cfcd6258fa)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-cfcd6258fa advisory. Upgrade to Ruby 3.3.5. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 37 : ruby (2022-f0f6c6bec2)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f0f6c6bec2 advisory. Upgrade to Ruby 3.1.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2838)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an...
USN-7091-1: Ruby vulnerabilities
It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24....
Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Ruby vulnerabilities (USN-7091-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-1 advisory. It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value usi...
CVE-2024-39908 vulnerabilities
Vulnerabilities for packages: ruby3.3-fluentd-kubernetes-daemonset, jruby, ruby, ruby3.2-rexml, kube-fluentd-operator, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.1-fluentd-kubernetes-daemonset...