RHSA-2019:1151 Red Hat Security Advisory: rh-ruby23-ruby security update

Bulletin has no description...

RHSA-2018:3729 Red Hat Security Advisory: rh-ruby23-ruby security, bug fix, and enhancement update

Bulletin has no description...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2019:1151)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1151 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management...

Amazon Linux AMI : ruby24 / ruby22,ruby23 (ALAS-2018-978)

Unsafe object deserialization through YAML formatted gem specifications : A vulnerability was found where the rubygems module was vulnerable to an unsafe YAML deserialization when inspecting a gem. Applications inspecting gem files without installing them can be tricked to execute arbitrary code ...

Medium: ruby22, ruby23

Issue Overview: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP A SMTP command injection flaw was found in the way Ruby's Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands i...

Amazon Linux AMI : ruby23 (ALAS-2017-880)

IV Reuse in GCM Mode : The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 C Tenable Network Security, Inc. The...

Medium: ruby23

Issue Overview: IV Reuse in GCM Mode: The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Affected Packages: ruby2...