
4962 matches found

Tenable Nessus
added 2021/01/20 12:0 a.m. | 23 views

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2021-1117)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c. (CVE-2019-16161) - Onigmo through 6.2....

CVSS 7.5 | AI score 7.3 | EPSS 0.03803
Exploits: 2 | References: 4

OpenVAS
added 2021/01/19 12:0 a.m. | 14 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-1117)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description)...

CVSS 7.5 | AI score 7.8 | EPSS 0.03803
Exploits: 2 | References: 2

Amazon
added 2021/01/15 12:0 a.m. | 59 views

Medium: ruby20

Issue Overview: An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy whi...

CVSS 7.5 | AI score 7.1 | EPSS 0.03803
Exploits: 0

Amazon
added 2021/01/15 12:0 a.m. | 37 views

Medium: vim

Issue Overview: A flaw was found in vim in the restricted mode, where all commands that make use of external shells are disabled. However, it was found that users could still execute some arbitrary OS commands in the restricted mode. This flaw was fixed by filtering the functions that can call OS...

CVSS 5.3 | AI score 7.2 | EPSS 0.00488
Exploits: 0

Kitploit
added 2021/01/14 8:30 p.m. | 227 views

Pineapple-MK7-REST-Client - WiFi Hacking Workflow With Pineapple Mark 7 API

PINEAPPLE MK7 REST CLIENT. The leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks analyze vulnerable and misconfigured devices. @HAK5. Author: TW-D. Version: 1.0.2. Copyright: Copyright (c) 2021 TW-D. License: Distributes under the same...

AI score 7.5
Exploits: 0 | References: 1

RedhatCVE
added 2021/01/12 2:51 p.m. | 21 views

CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html opti...

CVSS 6.8 | AI score 3.1 | EPSS 0.0157
Exploits: 0 | References: 7

CVE
added 2021/01/12 2:21 p.m. | 138 views

CVE-2020-35458

CVE-2020-35458 affects ClusterLabs Hawk 2.x up to 2.3.0-x. The flaw is a Ruby shell code injection via the hawk_remember_me_id parameter in the login_from_cookie cookie. This allows unauthenticated remote attackers to execute code as user hauser, leveraging the user logout routine. Red Hat and SU...

CVSS 10 | AI score 9.6 | EPSS 0.05333
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2021/01/11 7:15 p.m. | 13 views

CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html opti...

CVSS 6.8 | AI score 6.2 | EPSS 0.0157
Exploits: 0 | References: 9

Github Security Blog
added 2021/01/11 7:6 p.m. | 47 views

Injection/XSS in Redcarpet

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html opti...

CVSS 6.8 | AI score 5.8 | EPSS 0.0157
Exploits: 0 | References: 11 | Affected Software: 1

RubySec
added 2021/01/11 12:0 a.m. | 27 views

Injection/XSS in Redcarpet

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html opti...

CVSS 6.8 | AI score 2.5 | EPSS 0.0157
Exploits: 0 | References: 1 | Affected Software: 1

Hacker One
added 2020/12/21 7:51 a.m. | 781 views

U.S. Dept Of Defense: [CVE-2018-7600] Remote Code Execution due to outdated Drupal server on www.█████████

Summary: Due to an outdated Drupal version, remote code execution is possible on www.█████ via CVE-2018-7600. Description: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple...

CVSS 7.5 | AI score 1.4 | EPSS 0.99993
Exploits: 46

Tenable Nessus
added 2020/12/19 12:0 a.m. | 62 views

Amazon Linux AMI : ruby20 (ALAS-2020-1467) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1467 advisory. - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP...

AI score 8 | EPSS 0.03803
Exploits: 0 | References: 3

Amazon
added 2020/12/16 8:31 p.m. | 162 views

Medium: ruby20

Issue Overview: An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy whi...

CVSS 7.5 | AI score 0.6 | EPSS 0.03803
Exploits: 0

Tenable Nessus
added 2020/12/15 12:0 a.m. | 25 views

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-2564)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c. (CVE-2019-16161) - Onigmo through 6.2....

CVSS 7.5 | AI score 7.3 | EPSS 0.02068
Exploits: 2 | References: 3

OpenVAS
added 2020/12/15 12:0 a.m. | 16 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-2532)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description)...

CVSS 7.5 | AI score 7.6 | EPSS 0.02068
Exploits: 2 | References: 2

Tenable Nessus
added 2020/12/14 12:0 a.m. | 26 views

EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-2532)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c. (CVE-2019-16161) - Onigmo through 6.2....

CVSS 7.5 | AI score 7.3 | EPSS 0.02068
Exploits: 2 | References: 3

CBLMariner
added 2020/11/30 7:30 p.m. | 18 views

CVE-2020-25613 affecting package ruby 2.6.6-4

CVE-2020-25613 affecting package ruby 2.6.6-4. A patched version of the package is available...

CVSS 7.5 | AI score 7.5 | EPSS 0.03803
Exploits: 0

Photon
added 2020/11/19 12:0 a.m. | 50 views

Important Photon OS Security Update - PHSA-2020-0163

Updates of 'consul', 'ruby', 'linux-rt', 'linux-esx', 'linux', 'linux-secure', 'linux-aws' packages of Photon OS have been released...

CVSS 6.9 | AI score 1.7 | EPSS 0.03803
Exploits: 2

Tenable Nessus
added 2020/11/19 12:0 a.m. | 32 views

Photon OS 1.0: Ruby PHSA-2020-1.0-0338

An update of the ruby package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0338. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(143066);...

CVSS 7.5 | AI score 7.9 | EPSS 0.03803
Exploits: 0 | References: 2

Photon
added 2020/11/19 12:0 a.m. | 53 views

Important Photon OS Security Update - PHSA-2020-3.0-0163

Updates of 'linux-esx', 'linux', 'consul', 'linux-rt', 'linux-aws', 'ruby', 'linux-secure' packages of Photon OS have been released...

CVSS 7.5 | AI score 6.4 | EPSS 0.03803
Exploits: 2