Debian: Security Advisory (DLA-3989-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-3989-1 ruby-doorkeeper - security update

Bulletin has no description...

AlmaLinux 9 : ruby:3.1 (ALSA-2024:10860)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10860 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

RHSA-2024:10860 Red Hat Security Advisory: ruby:3.1 security update

Bulletin has no description...

RHSA-2024:10858 Red Hat Security Advisory: ruby security update

Bulletin has no description...

RHSA-2024:10850 Red Hat Security Advisory: ruby:2.5 security update

Bulletin has no description...

RHSA-2024:10834 Red Hat Security Advisory: ruby:3.1 security update

Bulletin has no description...

ruby:3.1 security update

ruby 3.1.5-145 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68530 3.1.5-144 - Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 - Fix RCE vulnerability with .rdocoptions in RDoc. Resolves: RHEL-34121 - Fix arbitrary...

Oracle Linux 8 : ruby:3.1 (ELSA-2024-10834)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10834 advisory. ruby 3.1.5-144 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68520 rubygem-abrt rubygem-mysql2 rubygem-pg Tenable has extracted the preceding...

RHEL 9 : ruby (RHSA-2024:10858)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10858 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

RHEL 8 : ruby:2.5 (RHSA-2024:10850)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10850 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

ruby:3.1 security update

ruby 3.1.5-144 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68520 rubygem-abrt rubygem-mysql2 rubygem-pg...

The vulnerability of the Ruby Syntax Detector component of the JetBrains YouTrack project management and task management software allows a hacker to trigger a service failure.

The vulnerability of the Ruby Syntax Detector component of the JetBrains YouTrack project management and task management software is related to the use of a regular expression with high computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions...

Oracle Linux 9 : ruby:3.1 (ELSA-2024-10860)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10860 advisory. - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68530 Tenable has extracted the preceding description block directly from the Oracle Linux...

RHEL 9 : ruby:3.1 (RHSA-2024:10860)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10860 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

CLSA-2024-1733429722 Fix CVE(s): CVE-2024-48992

SECURITY UPDATE: Arbitrary code execution via manipulated RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: Prevent script from setting RUBYLIB environment variable to avoid LPE - CVE-2024-48992...

USN-7117-3 needrestart regression

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem for LXC containers. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library...

Important: Red Hat Security Advisory: ruby:3.1 security update

An update for the ruby:3.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...