Lucene search
K

34 matches found

OpenVAS
OpenVAS
added 2019/04/02 12:0 a.m.80 views

Debian: Security Advisory (DLA-1735-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.4AI score0.04212EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.35 views

Debian DLA-1735-1 : ruby2.1 security update

Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language. CVE-2019-8320 A Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files which now include path-checking code for symlinks, it would delet...

8.8CVSS7AI score0.04212EPSS
Exploits1References7
Debian
Debian
added 2019/03/29 8:53 a.m.104 views

[SECURITY] [DLA 1735-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u7 CVE ID : CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language. CVE-2019-8320 A Directory Traversal issue was discovered in...

8.8CVSS9.3AI score0.04212EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/10/29 12:0 a.m.31 views

Debian DLA-1558-1 : ruby2.1 security update

CVE-2018-16395 Fix for OpenSSL::X509::Name equality check. CVE-2018-16396 Tainted flags are not propagated in Arraypack and Stringunpack with some directives. For Debian 8 'Jessie', these problems have been fixed in version 2.1.5-2+deb8u6. We recommend that you upgrade your ruby2.1 packages. NOTE...

9.8CVSS7AI score0.10715EPSS
Exploits0References4
Debian
Debian
added 2018/10/28 9:37 p.m.451 views

[SECURITY] [DLA 1558-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u6 CVE ID : CVE-2018-16395 CVE-2018-16396 CVE-2018-16395 Fix for OpenSSL::X509::Name equality check. CVE-2018-16396 Tainted flags are not propagated in Arraypack and Stringunpack with some directives. For Debian 8 "Jessie", these problems have been fixed in...

9.8CVSS8.6AI score0.10715EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/10/28 12:0 a.m.37 views

Debian: Security Advisory (DLA-1558-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References3
Debian
Debian
added 2018/07/14 6:28 a.m.60 views

[SECURITY] [DLA 1421-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...

9.8CVSS7.4AI score0.73927EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.54 views

openSUSE Security Update : ruby2.1 (openSUSE-2017-527)

This ruby2.1 update to version 2.1.9 fixes the following issues : Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation do...

9.8CVSS7.4AI score0.08934EPSS
Exploits2References14
OpenVAS
OpenVAS
added 2017/04/29 12:0 a.m.35 views

openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.08934EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2017/04/21 12:0 a.m.66 views

SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation doe...

9.8CVSS7.4AI score0.08934EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2015/05/05 12:0 a.m.30 views

Debian DSA-3247-1 : ruby2.1 - security update

It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates. %NASLMINLEVEL 70300 C...

5.9CVSS7AI score0.02815EPSS
Exploits0References3
Debian
Debian
added 2015/05/02 11:20 a.m.43 views

[SECURITY] [DSA 3247-1] ruby2.1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3247-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 02, 2015 http://www.debian.org/security/faq -...

5.9CVSS5.5AI score0.02815EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/05/02 12:0 a.m.31 views

Debian Security Advisory DSA 3247-1 (ruby2.1 - security update)

It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates. OpenVAS Vulnerability Tes...

4.7CVSS0.2AI score0.02815EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/01/05 12:0 a.m.26 views

openSUSE Security Update : ruby2.1 (openSUSE-SU-2015:0007-1)

The following issues were fixed in this update : - CVE-2014-8090: Denial Of Service XML Expansion bnc905326 - CVE-2014-8080: Denial Of Service XML Expansion bnc902851 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

5CVSS7AI score0.05555EPSS
Exploits2References5
Rows per page
Query Builder