Medium: ruby

Issue Overview: An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that ar...

Debian: Security Advisory (DLA-3800-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate Photon OS Security Update - PHSA-2024-3.0-0754

Updates of 'python3-pycryptodomex', 'ruby' packages of Photon OS have been released...

phlex 安全漏洞

phlex is a framework for building object-oriented views in Ruby. A security vulnerability exists in Phlex versions prior to 1.10.2, which stems from maliciously generated HTML attribute names and values in Phlex that could lead to cross-site scripting...

Medium: ruby

Issue Overview: An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that ar...

Amazon Linux 2 : ruby (ALAS-2024-2534)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2534 advisory. An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PAS...

[SECURITY] [DLA 3800-1] ruby-rack security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3800-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 29, 2024 https://wiki.debian.org/LTS -...

Fedora 40 : rubygem-rails-html-sanitizer (2023-91e69ea326)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-91e69ea326 advisory. Automatic update for rubygem-rails-html-sanitizer-1.6.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 1.6.0-1 - Update to rails-html-sanitizer 1.6....

Fedora 40 : rubygem-actioncable / rubygem-actionmailbox / rubygem-actionmailer / etc (2023-28962dd58a)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-28962dd58a advisory. Ruby on Rails security upgrade: https://rubyonrails.org/2023/8/22/Rails-Versions-7-0-7-2-6-1-7-6-have- been-released - incorrect file permissions on encrypte...

Moderate Photon OS Security Update - PHSA-2024-5.0-0259

Updates of 'ruby' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2024-4.0-0600

Updates of 'ruby' packages of Photon OS have been released...

DLA-3800-1 ruby-rack - security update

Bulletin has no description...

Debian dla-3800 : ruby-rack - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3800 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3800-1 [email protected]...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2019:1150)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1150 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2019:1151)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1151 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management...

RHEL 8 : Satellite 6.13.5 Async Security Update (Important) (RHSA-2023:5931)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5931 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

RHEL 8 : Satellite 6.12.5.2 Async Security Update (Important) (RHSA-2023:5979)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5979 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

RHEL 6 / 7 : rh-ruby22-ruby (RHSA-2018:0583)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0583 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 7 : rh-ruby25-ruby (RHSA-2019:1148)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1148 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...