Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2821)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2838)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2895)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-3949-1 ruby-saml - security update

Bulletin has no description...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2914)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2024-0348)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ruby3.3-rubygem-rails-7.0-7.0.8.6-1.1 on GA media (moderate)

ruby3.3-rubygem-rails-7.0-7.0.8.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14479-1 Rating: moderate Cross-References: CVE-2024-41128 CVE-2024-47887 CVE-2024-47888 CVE-2024-47889 CVSS scores: CVE-2024-41128 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-47887 SUSE : 5.9...

MGASA-2024-0348 Updated ruby-webrick packages fix security vulnerability

An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. CVE-2024-47220...

OESA-2024-2341 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: CVE-2024-49761...

ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media (moderate)

ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14471-1 Rating: moderate Cross-References: CVE-2024-47889 CVSS scores: CVE-2024-47889 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

ruby3.3-rubygem-puma-6.4.3-1.1 on GA media (moderate)

ruby3.3-rubygem-puma-6.4.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14474-1 Rating: moderate Cross-References: CVE-2024-45614 CVSS scores: CVE-2024-45614 SUSE : 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N CVE-2024-45614 SUSE : 6.3...

RHEL 9 : ruby:3.3 (RHSA-2024:6785)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6785 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2838)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an...

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2895)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby.The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull...

Security update for ruby2.1

This update for ruby2.1 fixes the following issues: CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

OPENSUSE-SU-2024:14473-1 ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 on GA media

These are all security issues fixed in the ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : CloudForms 5.0.1 (RHSA-2019:4201)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4201 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

RHEL 8 : ruby:3.3 (RHSA-2024:6784)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6784 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 7 : CloudForms 4.7.7 (RHSA-2019:1833)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1833 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

USN-7091-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24....