CVE-2015-8314

CVE-2015-8314 affects the Devise gem for Ruby prior to 3.5.4, where the Remember Me cookie handling is flawed. This flaw may allow an attacker to obtain unauthorized persistent access to an application by leveraging the compromised cookie. The issue is reported across multiple sources (Red Hat, D...

Metasploit Wrap-Up 12/8/2023

Are You Looking for ACTION? Our very own adfoster-r7 has added a new feature that adds module actions, targets, and aliases to the search feature in Metasploit Framework. As we continue to add modules with diverse goals or targets, we’ve found ourselves leaning on these flags more and more...

Ruby: DoS in bigdecimal's sqrt function due to miscalculation of loop iterations

Vulnerability description not provided...

GHSA-GXHX-G4FQ-49HJ CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSS

Impact CarrierWave::Uploader::ContentTypeAllowlist has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the contenttype argument of allowlistedcontenttype? is...

CVE-2023-49090

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

CVE-2023-49090

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

CVE-2023-49090 CarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSS

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

CVE-2023-49090

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

CVE-2023-49090

CarrierWave (Ruby/Rails file-upload library) contains a Content-Type allowlist bypass vulnerability (CVE-2023-49090). The issue arises because allowlisted_content_type? validates Content-Type via partial matching, enabling an attacker to craft content_type values that bypasses the allowlist, pote...

CVE-2023-49090 CarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSS

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

CVE-2023-49090 CarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSS

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...

VulnCheck KEV: CVE-2021-33564

An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features...

Oracle Linux 8 : ruby:2.5 (ELSA-2023-7025)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7025 advisory. - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix Buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 - Fix ReDoS...

ruby:2.5 security update

rubygem-abrt 0.3.0-4 - Execute test suite unconditionally. - Upload correct sources. 0.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild 0.3.0-1 - Update to abrt 0.3.0. 0.2.0-2 - Rebuilt for...

Medium: ruby

Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...

Debian: Security Advisory (DLA-3652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : ruby (ALAS-2023-2345)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2345 advisory. A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during...

ruby: ReDoS vulnerability in URI

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This may result in a regular expression denial of service ReDoS...

ruby: Buffer overrun in String-to-Float conversion

A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...

Moderate: Red Hat Security Advisory: ruby:2.5 security update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...