14176 matches found

OSV
added 2025/05/17 12:0 a.m. | 3 views

OPENSUSE-SU-2025:15112-1 ruby3.4-rubygem-activerecord-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activerecord-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

9.8 CVSS | 7.7 AI score | 0.02386 EPSS
Exploits 3 | References 5

OSV
added 2025/05/17 12:0 a.m. | 3 views

OPENSUSE-SU-2025:15109-1 ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

8.7 CVSS | 9.8 AI score | 0.00944 EPSS
Exploits 0 | References 2

OSV
added 2025/05/17 12:0 a.m. | 3 views

OPENSUSE-SU-2025:15118-1 ruby3.4-rubygem-json_pure-2.7.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-json_pure-2.7.6-1.3 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS | 8.1 AI score | 0.06629 EPSS
Exploits 0 | References 1

OSV
added 2025/05/17 12:0 a.m. | 3 views

OPENSUSE-SU-2025:15111-1 ruby3.4-rubygem-actiontext-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-actiontext-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

8.7 CVSS | 7.8 AI score | 0.00991 EPSS
Exploits 0 | References 3

OSV
added 2025/05/17 12:0 a.m. | 2 views

OPENSUSE-SU-2025:15121-1 ruby3.4-rubygem-minitar-0.9-1.19 on GA media

These are all security issues fixed in the ruby3.4-rubygem-minitar-0.9-1.19 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS | 7.9 AI score | 0.04742 EPSS
Exploits 1 | References 1

OSV
added 2025/05/17 12:0 a.m. | 2 views

OPENSUSE-SU-2025:15126-1 ruby3.4-rubygem-rubyzip-2.3.2-1.17 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rubyzip-2.3.2-1.17 package on the GA media of openSUSE Tumbleweed...

9.8 CVSS | 9.9 AI score | 0.04499 EPSS
Exploits 1 | References 2

OSV
added 2025/05/17 12:0 a.m. | 1 views

OPENSUSE-SU-2025:15113-1 ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

9.8 CVSS | 9.9 AI score | 0.02821 EPSS
Exploits 0 | References 2

OSV
added 2025/05/17 12:0 a.m. | 1 views

OPENSUSE-SU-2025:15125-1 ruby3.4-rubygem-rails-html-sanitizer-1.6.0-1.7 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rails-html-sanitizer-1.6.0-1.7 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS | 6 AI score | 0.2914 EPSS
Exploits 5 | References 10

OSV
added 2025/05/17 12:0 a.m. | 2 views

OPENSUSE-SU-2025:15123-1 ruby3.4-rubygem-puma-6.4.3-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-puma-6.4.3-1.3 package on the GA media of openSUSE Tumbleweed...

8 CVSS | 6.9 AI score | 0.04088 EPSS
Exploits 0 | References 5

OSSF Malicious Packages
added 2025/05/16 2:4 p.m. | 3 views

Malicious code in xero_ruby_oauth2_app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df775937f934e6eee2161d71e8e61cc59dab858b11abd32721c7bb957ab91ee1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 | References 1

OSV
added 2025/05/16 2:4 p.m. | 3 views

MAL-2025-3928 Malicious code in xero_ruby_oauth2_app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df775937f934e6eee2161d71e8e61cc59dab858b11abd32721c7bb957ab91ee1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 | References 1

Oracle linux
added 2025/05/16 12:0 a.m. | 12 views

ruby:2.5 security update

ruby 2.5.9-114 - Fix integer overflow in search_in_range function in regexec.c CVE-2019-19012. Resolves: RHEL-87505 rubygem-abrt rubygem-bson rubygem-bundler 1.16.1-5 - Fix unexpected code execution in Gemfiles CVE-2021-43809 Resolves: RHEL-87017 rubygem-mongo rubygem-mysql2 rubygem-pg...

9.8 CVSS | 7.8 AI score | 0.10539 EPSS
Exploits 4

Tenable Nessus
added 2025/05/15 12:0 a.m. | 12 views

Ruby RACK < 2.2.14 / 3.0.16 / 3.1.14 DoS vulnerability

The version of the RACK Ruby library installed on the remote host is prior to 2.2.14 / 3.0.16 / 3.1.14. It is, therefore, affected by a DoS vulnerability where an attacker can trigger denial of service by sending specifically crafted HTTP requests, which can cause memory exhaustion or pin CPU...

7.5 CVSS | 6.9 AI score | 0.00868 EPSS
Exploits 0 | References 2

RedHat Linux
added 2025/05/14 2:14 p.m. | 7 views

rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser

A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy...

7.5 CVSS | 6.7 AI score | 0.00868 EPSS
Exploits 0 | References 8

OSV
added 2025/05/14 10:6 a.m. | 5 views

RHSA-2025:7539 Red Hat Security Advisory: ruby:2.5 security update

Bulletin has no description...

7.5 CVSS | 8.5 AI score | 0.10539 EPSS
Exploits 4 | References 11

RedHat Linux
added 2025/05/14 2:21 a.m. | 6 views

Moderate: Red Hat Security Advisory: ruby:2.5 security update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.8 CVSS | 7.1 AI score | 0.10539 EPSS
Exploits 4 | References 3

Tenable Nessus
added 2025/05/14 12:0 a.m. | 7 views

RHEL 8 : ruby:2.5 (RHSA-2025:7539)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7539 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8 CVSS | 7.8 AI score | 0.10539 EPSS
Exploits 4 | References 7

Tenable Nessus
added 2025/05/14 12:0 a.m. | 12 views

Alibaba Cloud Linux 3 : 0044: ruby:2.7 (ALINUX3-SA-2021:0044)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0044 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25613: An issue was discovered in...

7.5 CVSS | 7.4 AI score | 0.05061 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2025/05/14 12:0 a.m. | 10 views

Alibaba Cloud Linux 3 : 0054: ruby:2.7 (ALINUX3-SA-2021:0054)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0054 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-36327: Bundler 1.16.0 through 2.2...

9.3 CVSS | 7.6 AI score | 0.06307 EPSS
Exploits 3 | References 5

OSV
added 2025/05/14 12:0 a.m. | 5 views

ALSA-2025:7539 Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read CVE-2019-19012 rubygem-bundler:...

9.8 CVSS | 8.3 AI score | 0.10539 EPSS
Exploits 4 | References 6