GHSA-6XW4-3V39-52MM vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, ruby3.2-rack, ruby3.4-rack, ruby4.0-rack, ruby3.4-rails, kube-fluentd-operator, logstash, ruby3.3-rack...

CVE-2025-61780 vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, ruby3.2-rack, ruby3.4-rack, ruby4.0-rack, ruby3.4-rails, kube-fluentd-operator, logstash, ruby3.3-rack...

GHSA-R657-RXJC-J557 vulnerabilities

Vulnerabilities for packages: kube-fluentd-operator, ruby3.3-rails, logstash, ruby3.4-rails, ruby4.0-rack, ruby3.4-rack, ruby3.2-rails, ruby3.2-rack, ruby3.3-rack...

CVE-2025-61919 vulnerabilities

Vulnerabilities for packages: kube-fluentd-operator, ruby3.3-rails, logstash, ruby3.4-rails, ruby4.0-rack, ruby3.4-rack, ruby3.2-rails, ruby3.2-rack, ruby3.3-rack...

GHSA-P543-XPFM-54CP vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, ruby3.2-rack, ruby3.4-rack, ruby4.0-rack, ruby3.4-rails, gitlab-cng, logstash, ruby3.3-rack...

CVE-2025-61771 vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, ruby3.2-rack, ruby3.4-rack, ruby4.0-rack, ruby3.4-rails, gitlab-cng, logstash, ruby3.3-rack...

CVE-2025-61770 vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, ruby3.2-rack, ruby3.4-rack, ruby4.0-rack, ruby3.4-rails, gitlab-cng, logstash, ruby3.3-rack...

GHSA-47M2-26RW-J2JW vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.3-rails, ruby3.2-rails, logstash...

CVE-2025-46727 vulnerabilities

Vulnerabilities for packages: ruby3.3-rails, logstash, ruby3.4-rails, ruby4.0-rack, ruby3.4-rack, ruby3.2-rails, ruby3.2-rack, ruby3.3-rack...

Debian dla-3902 : ruby-rails-html-sanitizer - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3902 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3902-1 [email protected]...

Debian: Security Advisory (DLA-3566-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3566 : ruby-rails-html-sanitizer - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3566 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3566-1 [email protected]...

Debian: Security Advisory (DLA-3227-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3227-1] ruby-rails-html-sanitizer security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3227-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 07, 2022 https://wiki.debian.org/LTS -...

Joruri Mail Authorization Issues Vulnerability

Joruri Mail is a set of IMAP e-mail client software written using Ruby/Rails . A security vulnerability exists in Joruri Mail 2.1.4 and earlier versions. An attacker can exploit this vulnerability to spoof arbitrary users and modify or disclose information...

Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities

Vulnerabilities discovered by Zachary Sanchez of Cisco ASIG Overview Talos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web pages. Ruby Gems is a package manager for distributing software packages as 'gems'. The two XSS...

Updated ruby-rails and associated packages fix multiple vulnerabilities

Updated ruby-activerecord and ruby-actionpack packages fix security vulnerabilities: There is a data injection vulnerability in Active Record. Specially crafted strings can be used to save data in PostgreSQL array columns that may not be intended CVE-2014-0080. There is an XSS vulnerability in th...