ruby3.3-rubygem-puma-6.4.3-1.1 on GA media (moderate)

ruby3.3-rubygem-puma-6.4.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14474-1 Rating: moderate Cross-References: CVE-2024-45614 CVSS scores: CVE-2024-45614 SUSE : 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N CVE-2024-45614 SUSE : 6.3...

RHEL 9 : ruby:3.3 (RHSA-2024:6785)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6785 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

Security update for ruby2.1

This update for ruby2.1 fixes the following issues: CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

RHEL 8 : CloudForms 5.0.1 (RHSA-2019:4201)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4201 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

RHEL 8 : ruby:3.3 (RHSA-2024:6784)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6784 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 7 : CloudForms 4.7.7 (RHSA-2019:1833)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1833 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

OPENSUSE-SU-2024:14473-1 ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 on GA media

These are all security issues fixed in the ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...

USN-7091-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24....

USN-7091-1 ruby3.0, ruby3.2, ruby3.3 vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24....

Ubuntu: Security Advisory (USN-7091-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Ruby vulnerabilities (USN-7091-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-1 advisory. It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value usi...

RHEL 7 : CloudForms 4.7 (RHSA-2019:0212)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0212 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

RHEL 6 / 7 : ruby193-rubygem-activerecord (RHSA-2014:0876)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0876 advisory. Ruby on Rails is a model-view-controller MVC framework for web application development. Active Record implements object-relational mapping for...

RHEL 6 / 7 : rh-ror41 (RHSA-2016:0456)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0456 advisory. The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller MVC framework for web application...

RHEL 6 / 7 : ruby193-rubygem-actionpack (RHSA-2016:1858)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1858 advisory. Ruby on Rails is a model-view-controller MVC framework for web application development. Action Pack implements the controller and the view...

RHEL 6 / 7 : ror40-rubygem-actionpack (RHSA-2016:1857)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1857 advisory. Ruby on Rails is a model-view-controller MVC framework for web application development. Action Pack implements the controller and the view...

Security update for ruby2.5

This update for ruby2.5 fixes the following issues: CVE-2024-43398: Fixed DoS when parsing a XML that has many deep elements with the same local name attributes bsc1229673 CVE-2024-41123: Fixed DoS when parsing an XML that contains many specific characters such as whitespaces, and bsc1228794...

GHSA-HXX2-7VCW-MQR3 vulnerabilities

Vulnerabilities for packages: ruby3.2-sinatra, logstash, ruby3.3-sinatra...

CVE-2024-21510 vulnerabilities

Vulnerabilities for packages: ruby3.3-sinatra, gitlab-cng, ruby3.2-sinatra, logstash...

CVE-2024-21510 vulnerabilities

Vulnerabilities for packages: ruby3.2-sinatra, logstash, ruby3.3-sinatra...