Lucene search

69 matches found

OpenVAS
added 2021/04/21 12:0 a.m. | 15 views

Ubuntu: Security Advisory (USN-4922-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.8 | EPSS 0.00576
Exploits: 0 | References: 2

Ubuntu
added 2021/04/20 5:1 p.m. | 122 views

USN-4922-1: Ruby vulnerability

Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack...

CVSS 7.5 | AI score 7.4 | EPSS 0.00576
Exploits: 0

OpenVAS
added 2021/04/19 12:0 a.m. | 38 views

SUSE: Security Advisory (SUSE-SU-2020:0737-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7 | EPSS 0.18007
Exploits: 8 | References: 10

Tenable Nessus
added 2021/03/26 12:0 a.m. | 158 views

openSUSE Security Update : ruby2.5 (openSUSE-2021-471)

This update for ruby2.5 fixes the following issues : - CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick bsc1177125. - Enable optimizations also on ARM64 bsc1177222 This update was imported from the SUSE:SLE-15:Update update project. (C) Tenable Network Security, Inc. The...

CVSS 7.5 | AI score 7.1 | EPSS 0.00275
Exploits: 0 | References: 3

Tenable Nessus
added 2021/03/26 12:0 a.m. | 111 views

SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2021:0933-1)

This update for ruby2.5 fixes the following issues : CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick bsc1177125. Enable optimizations also on ARM64 bsc1177222 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

CVSS 7.5 | AI score 7.2 | EPSS 0.00275
Exploits: 0 | References: 5

OSV
added 2021/03/25 8:11 a.m. | 8 views

OPENSUSE-SU-2021:0471-1 Security update for ruby2.5

This update for ruby2.5 fixes the following issues: - CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick bsc1177125. - Enable optimizations also on ARM64 bsc1177222 This update was imported from the SUSE:SLE-15:Update update project...

CVSS 7.5 | AI score 7.6 | EPSS 0.00275
Exploits: 0 | References: 4

OPENSUSE Linux
added 2021/03/25 12:0 a.m. | 58 views

Security update for ruby2.5 (important)

openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2021:0471-1 Rating: important References: 1177125 1177222 Cross-References: CVE-2020-25613 CVSS scores: CVE-2020-25613 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-25613 SUSE: 6.3...

CVSS 6.3 | AI score 6.6 | EPSS 0.00275
Exploits: 0 | References: 2

Tenable Nessus
added 2020/07/09 12:0 a.m. | 153 views

Debian DSA-4721-1 : ruby2.5 - security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language. - CVE-2020-10663 Jeremy Evans reported an unsafe object creation vulnerability in the json gem bundled with Ruby. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects...

CVSS 7.5 | AI score 7.5 | EPSS 0.05892
Exploits: 1 | References: 7

OpenVAS
added 2020/07/09 12:0 a.m. | 93 views

Debian: Security Advisory (DSA-4721-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7 | EPSS 0.05892
Exploits: 1 | References: 4

OSV
added 2020/07/08 12:0 a.m. | 32 views

DSA-4721-1 ruby2.5 - security update

Bulletin has no description...

CVSS 7.5 | AI score 6.7 | EPSS 0.05892
Exploits: 1

Tenable Nessus
added 2020/05/04 12:0 a.m. | 33 views

openSUSE Security Update : ruby2.5 (openSUSE-2020-586)

This update for ruby2.5 to version 2.5.8 fixes the following issues : - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. - CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. This update was imported from the SUSE:SLE-15:Update update project. C...

CVSS 7.5 | AI score 7.1 | EPSS 0.05892
Exploits: 1 | References: 4

OpenVAS
added 2020/05/02 12:0 a.m. | 118 views

openSUSE: Security Advisory for ruby2.5 (openSUSE-SU-2020:0586-1)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 7.1 | EPSS 0.05892
Exploits: 1 | References: 2

OPENSUSE Linux
added 2020/05/01 12:0 a.m. | 174 views

Security update for ruby2.5 (moderate)

openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2020:0586-1 Rating: moderate References: 1167244 1168938 Cross-References: CVE-2020-10663 CVE-2020-10933 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...

CVSS 7.5 | AI score 7.4 | EPSS 0.05892
Exploits: 1 | References: 2

Tenable Nessus
added 2020/04/16 12:0 a.m. | 145 views

SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2020:0995-1)

This update for ruby2.5 to version 2.5.8 fixes the following issues : CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. Note that Tenable Network Security has extracted the preceding description...

CVSS 7.5 | AI score 7.1 | EPSS 0.05892
Exploits: 1 | References: 7

OSV
added 2020/04/15 6:30 a.m. | 7 views

SUSE-SU-2020:0995-1 Security update for ruby2.5

This update for ruby2.5 to version 2.5.8 fixes the following issues: - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. - CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938...

CVSS 7.5 | AI score 6.5 | EPSS 0.05892
Exploits: 1 | References: 5

Tenable Nessus
added 2020/04/02 12:0 a.m. | 256 views

openSUSE Security Update : ruby2.5 (openSUSE-2020-395)

This update for ruby2.5 to version 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...

CVSS 8.1 | AI score 6.9 | EPSS 0.18007
Exploits: 8 | References: 14

OpenVAS
added 2020/03/29 12:0 a.m. | 51 views

openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.1 | AI score 7.4 | EPSS 0.18007
Exploits: 8 | References: 2

OPENSUSE Linux
added 2020/03/28 12:0 a.m. | 288 views

Recommended update for ruby2.5 (important)

openSUSE Security Update: Recommended update for ruby2.5 Announcement ID: openSUSE-SU-2020:0395-1 Rating: important References: 1140844 1152990 1152992 1152994 1152995 1162396 1164804 Cross-References: CVE-2012-6708 CVE-2015-9251 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255...

CVSS 8.1 | AI score 6.8 | EPSS 0.18007
Exploits: 8 | References: 7

Tenable Nessus
added 2020/03/23 12:0 a.m. | 66 views

SUSE SLED15 / SLES15 Security Update : Recommended update for ruby2.5 (SUSE-SU-2020:0737-1)

This update for ruby2.5 to version 2.5.7 fixes the following issues : ruby 2.5 was updated to version 2.5.7 CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. CVE-2019-16254: Fixed am...

CVSS 8.1 | AI score 7 | EPSS 0.18007
Exploits: 8 | References: 22

OpenVAS
added 2019/12/18 12:0 a.m. | 179 views

Debian: Security Advisory (DSA-4586-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7.2 | EPSS 0.01157
Exploits: 1 | References: 4