34 matches found

Tenable Nessus
added 2024/11/08 12:0 a.m. | 14 views

SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2024:3939-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3939-1 advisory. - CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930 Tenable has extracted the preceding description block directly from the SUSE...

AI score: 6.9 | EPSS: 0.00393
Exploits: 0 | References: 4

OpenVAS
added 2024/11/08 12:0 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2024:3939-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.2 | EPSS: 0.00393
Exploits: 0 | References: 4

OSV
added 2024/11/07 10:8 a.m. | 13 views

SUSE-SU-2024:3939-1 Security update for ruby2.1

This update for ruby2.1 fixes the following issues: - CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930...

AI score: 7.5 | EPSS: 0.00393
Exploits: 0 | References: 3

OpenVAS
added 2021/12/02 12:0 a.m. | 10 views

SUSE: Security Advisory (SUSE-SU-2021:3837-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.03772
Exploits: 2 | References: 7

OSV
added 2021/12/01 3:7 p.m. | 7 views

SUSE-SU-2021:3837-1 Security update for ruby2.1

This update for ruby2.1 fixes the following issues: - CVE-2020-25613: Fixed potential HTTP request smuggling in WEBrick bsc1177125. - CVE-2021-31799: Fixed Command injection vulnerability in RDoc bsc1190375. - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net::FTP bsc1188161. ...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.03772
Exploits: 2 | References: 9

OpenVAS
added 2021/04/19 12:0 a.m. | 22 views

SUSE: Security Advisory (SUSE-SU-2015:0093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5 | AI score: 9.5 | EPSS: 0.05555
Exploits: 2 | References: 2

OpenVAS
added 2021/04/19 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2017:1067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.1 | EPSS: 0.08934
Exploits: 2 | References: 12

OpenVAS
added 2021/04/19 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2020:1570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.6 | EPSS: 0.73927
Exploits: 22 | References: 43

Tenable Nessus
added 2020/06/18 12:0 a.m. | 43 views

SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)

This update for ruby2.1 fixes the following issues : Security issues fixed : CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command bsc1043983. CVE-2016-7798: Fixed an IV Reuse in GCM Mode bsc1055265. CVE-2017-0898: Fixed a buffer underrun vulnerability...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.73927
Exploits: 22 | References: 125

OSV
added 2020/06/09 9:16 a.m. | 29 views

SUSE-SU-2020:1570-1 Security update for ruby2.1

This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command bsc1043983. - CVE-2016-7798: Fixed an IV Reuse in GCM Mode bsc1055265. - CVE-2017-0898: Fixed a buffer underrun...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.73927
Exploits: 22 | References: 83

Tenable Nessus
added 2020/05/01 12:0 a.m. | 66 views

Debian DLA-2192-1 : ruby2.1 security update

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object...

CVSS: 7.5 | AI score: 7 | EPSS: 0.06811
Exploits: 0 | References: 3

OpenVAS
added 2020/05/01 12:0 a.m. | 45 views

Debian: Security Advisory (DLA-2192-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.13911
Exploits: 0 | References: 3

Debian
added 2020/04/30 10:1 p.m. | 97 views

[SECURITY] [DLA 2192-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u10 CVE ID : CVE-2020-10663 The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.13911
Exploits: 0

OSV
added 2020/04/29 12:0 a.m. | 30 views

DLA-2192-1 ruby2.1 - security update

Bulletin has no description...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.06811
Exploits: 0

Tenable Nessus
added 2020/03/26 12:0 a.m. | 28 views

Debian DLA-2158-1 : ruby2.1 security update

An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer 'head' allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.04644
Exploits: 3 | References: 3

OpenVAS
added 2020/03/26 12:0 a.m. | 52 views

Debian: Security Advisory (DLA-2158-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.04644
Exploits: 3 | References: 3

Debian
added 2020/03/25 1:22 p.m. | 47 views

[SECURITY] [DLA 2158-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u9 CVE ID : CVE-2016-2338 An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructe...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.04644
Exploits: 3

Tenable Nessus
added 2019/11/26 12:0 a.m. | 45 views

Debian DLA-2007-1 : ruby2.1 security update

Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL character injection. CVE-2019-16201 A loop caused by a wrong regular expression could lead to a denial of servi...

CVSS: 8.1 | AI score: 7 | EPSS: 0.05086
Exploits: 1 | References: 6

OpenVAS
added 2019/11/26 12:0 a.m. | 62 views

Debian: Security Advisory (DLA-2007-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 8.1 | AI score: 7.3 | EPSS: 0.0576
Exploits: 1 | References: 3

Debian
added 2019/11/25 9:24 p.m. | 70 views

[SECURITY] [DLA 2007-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u8 CVE ID : CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL...

CVSS: 8.1 | AI score: 8 | EPSS: 0.0576
Exploits: 1