14168 matches found
EulerOS 2.0 SP10 : ruby (EulerOS-SA-2025-1014)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header an...
CVE-2023-22795 affecting package ruby 2.6.10-1
CVE-2023-22795 affecting package ruby 2.6.10-1. This CVE either no longer is or was never applicable...
SUSE CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
ROS-20250110-11
A vulnerability in the Action Pack framework of the Ruby on Rails software platform is related to incorrect validation of the of input data. Exploitation of the vulnerability could allow a remote attacker to bypass certain security restrictions. certain security restrictions...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
DEBIAN-CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
UBUNTU-CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
CVE-2025-0306 Ruby: openssl: ruby marvin attack
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
CVE-2025-0306
CVE-2025-0306 concerns the Ruby interpreter and a Marvin Attack that can decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service. The connected docs corroborate Ruby advisories for EulerOS (ruby package security advisories Eul...
CVE-2025-0306 Ruby: openssl: ruby marvin attack
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
Ruby 安全漏洞
Ruby is a cross-platform, object-oriented, dynamically typed programming language from the personal developer Yukihiro Matsumoto. A security vulnerability exists in Ruby that stems from vulnerability to the Marvin attack, which allows an attacker to decrypt previously encrypted messages or forge...
ROS-20250109-08
The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...
Kredis 安全漏洞
Kredis is a Ruby on Rails open source higher level data structure built on Redis. A security vulnerability exists in Kredis versions prior to 1.3.0.1, which stems from the presence of an untrusted data deserialization vulnerability...
ROS-20250109-06
The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service. Mitigation See the following possible...
Malicious Package
Overview holaaaaaafasdf is a malicious package. This package contains malicious code that exfiltrates sensitive data. Remediation Avoid using all malicious instances of the holaaaaaafasdf package. References - Security Advisory...
Malicious Package
Overview nosvemosssadfsd is a malicious package. This package contains malicious code that exfiltrates sensitive data. Remediation Avoid using all malicious instances of the nosvemosssadfsd package. References - Security Advisory...