4940 matches found
CVE-2024-41123 vulnerabilities
Vulnerabilities for packages: ruby, jruby, kube-fluentd-operator...
CVE-2024-41946
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...
CVE-2024-41946 REXML DoS vulnerability
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...
CVE-2024-41123 REXML DoS vulnerability
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, >] and ]>. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities...
CVE-2024-41123
REXML (Ruby) DoS vulnerability CVE-2024-41123 affects the REXML gem in versions prior to 3.3.2, triggered when parsing XML containing specific characters (whitespace, >], ]>). The advisory notes that REXML 3.3.3 and later include patches to fix this issue. Several connected sources corrobor...
Security Bulletin: A vulnerability in XML toolkit for Ruby affects IBM License Metric Tool (CVE-2024-35176).
Summary: There is a vulnerability in the XML toolkit for Ruby component used by IBM License Metric Tool. Vulnerability Details: CVEID: CVE-2024-35176. DESCRIPTION: Ruby REXML is vulnerable to a denial of service, caused by improper input validation. By parsing a specially crafted XML content contains...
USN-6853-1: Ruby vulnerability | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain...
USN-6838-1: Ruby vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use...
Fedora 40 : ruby (2024-93575091aa)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-93575091aa advisory. Upgrade to Ruby 3.3.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Photon OS 3.0: Ruby PHSA-2024-3.0-0732
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0732. The text itself is copyright (C) VMware, Inc.
Photon OS 5.0: Ruby PHSA-2024-5.0-0236
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0236. The text itself is copyright (C) VMware, Inc.
Photon OS 5.0: Ruby PHSA-2024-5.0-0221
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0221. The text itself is copyright (C) VMware, Inc.
Photon OS 5.0: Ruby PHSA-2024-5.0-0259
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0259. The text itself is copyright (C) VMware, Inc.
Photon OS 4.0: Ruby PHSA-2024-4.0-0562
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0562. The text itself is copyright (C) VMware, Inc.
Photon OS 4.0: Ruby PHSA-2021-4.0-0008
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0008. The text itself is copyright (C) VMware, Inc.
Photon OS 5.0: Ruby PHSA-2024-5.0-0247
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0247. The text itself is copyright (C) VMware, Inc.
Photon OS 3.0: Ruby PHSA-2022-3.0-0447
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0447. The text itself is copyright (C) VMware, Inc.
Photon OS 4.0: Ruby PHSA-2024-4.0-0600
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0600. The text itself is copyright (C) VMware, Inc.
Photon OS 4.0: Ruby PHSA-2022-4.0-0199
An update of the ruby package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0199. The text itself is copyright (C) VMware, Inc.