RHCOS 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0701 advisory. - rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template CVE-2013-0256 -...
RHCOS 1 : ruby193-ruby (RHSA-2013:1137)
The remote Red Hat Enterprise Linux CoreOS 1 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1137 advisory. - ruby: hostname check bypassing vulnerability in SSL client CVE-2013-4073 Note that Nessus has not tested for this issue but has instead...
RHCOS 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attribute_dos Symbol DoS vulnerability CVE-2013-1854 Note that Nessus has not tested for this issue but has instead...
RHCOS 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0698 advisory. - rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css CVE-2013-1855 - rubygem-actionpack: sanitize_protocol: XSS...
EUVD-2013-1937
Malware in sbrugna...
RHEL 6 / 7 : ruby193-ruby (RHSA-2014:1913)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1913 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
RHSA-2013:1284 Red Hat Security Advisory: ruby193-puppet security update
Bulletin has no description...
RHSA-2013:1201 Red Hat Security Advisory: ruby193-v8 security update
Bulletin has no description...
RHSA-2013:0699 Red Hat Security Advisory: ruby193-rubygem-activerecord security update
Bulletin has no description...
RHSA-2013:0701 Red Hat Security Advisory: ruby193-ruby, rubygem-json and rubygem-rdoc security update
Bulletin has no description...
RHSA-2014:0364 Red Hat Security Advisory: ruby193-libyaml security update
Bulletin has no description...
RHSA-2014:0355 Red Hat Security Advisory: ruby193-libyaml security update
Bulletin has no description...
RHSA-2013:1427 Red Hat Security Advisory: ruby193-ruby security update
Bulletin has no description...
RHSA-2013:1103 Red Hat Security Advisory: ruby193-ruby security update
Bulletin has no description...
RHEL 6 : ruby193-puppet (RHSA-2013:1284)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1284 advisory. Puppet allows provisioning, patching, and configuration of clients to be managed and automated. A flaw was found in the way Puppet handled...
Oracle Linux 6 : ruby193-ruby (ELSA-2014-1913)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1913 advisory. - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975. Related: rhbz1164004 - Fix REXML billion laughs attack via paramete...
CVE-2013-1945
ruby193 uses an insecure LD_LIBRARY_PATH setting...
CVE-2013-1945
Technical details for CVE-2013-1945 (ruby193 with insecure LD_LIBRARY_PATH) are not publicly available in the provided documents. Monitor for updates.
Cross-Site Request Forgery (CSRF)
OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution from Red Hat, and is designed for on-premise or private cloud deployments. A flaw was found in the handling of paths provided to ruby193-rubygem-rack. A remote attacker could use this flaw to conduct a directory travers...