34 matches found
SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2024:3939-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3939-1 advisory. - CVE-2024-47220: Fixed HTTP request smuggling in WEBrick (bsc#1230930). Tenable has extracted the preceding description block directly from the SUSE...
SUSE: Security Advisory (SUSE-SU-2024:3939-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
SUSE-SU-2024:3939-1 Security update for ruby2.1
This update for ruby2.1 fixes the following issues: - CVE-2024-47220: Fixed HTTP request smuggling in WEBrick (bsc#1230930)...
SUSE: Security Advisory (SUSE-SU-2021:3837-1)
The remote host is missing an update for the...
SUSE-SU-2021:3837-1 Security update for ruby2.1
This update for ruby2.1 fixes the following issues: - CVE-2020-25613: Fixed potential HTTP request smuggling in WEBrick (bsc#1177125). - CVE-2021-31799: Fixed command injection vulnerability in RDoc (bsc#1190375). - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net::FTP (bsc#1188161). ...
SUSE: Security Advisory (SUSE-SU-2015:0093-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:1067-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2020:1570-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command (bsc#1043983). - CVE-2016-7798: Fixed an IV reuse in GCM mode (bsc#1055265). - CVE-2017-0898: Fixed a buffer underrun vulnerability...
SUSE-SU-2020:1570-1 Security update for ruby2.1
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command (bsc#1043983). - CVE-2016-7798: Fixed an IV reuse in GCM mode (bsc#1055265). - CVE-2017-0898: Fixed a buffer underrun...
Debian DLA-2192-1 : ruby2.1 security update
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object...
Debian: Security Advisory (DLA-2192-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2192-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u10 CVE ID : CVE-2020-10663 The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of...
DLA-2192-1 ruby2.1 - security update
Bulletin has no description...
Debian DLA-2158-1 : ruby2.1 security update
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In the Psych::Emitter start_document function, the heap buffer 'head' allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...
Debian: Security Advisory (DLA-2158-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2158-1] ruby2.1 security update
Package: ruby2.1 Version: 2.1.5-2+deb8u9 CVE ID: CVE-2016-2338 An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In the Psych::Emitter start_document function, the heap buffer "head" allocation is made based on tags array length. Specially constructe...
Debian DLA-2007-1 : ruby2.1 security update
Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL character injection. CVE-2019-16201 A loop caused by a wrong regular expression could lead to a denial of servi...
Debian: Security Advisory (DLA-2007-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2007-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u8 CVE ID : CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL...