MiracleLinux 4 : ruby-1.8.7.352-4.AXS4 (AXSA:2012-139:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-139:02 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

MiracleLinux 3 : ruby-1.8.5-5.7.1AXS3 (AXSA:2009-78:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-78:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

MiracleLinux 4 : ruby-1.8.7.299-7.1.0.1.AXS4 (AXSA:2011-614:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-614:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syste...

MiracleLinux 3 : ruby-1.8.5-19.1.0.1.AXS3 (AXSA:2011-226:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-226:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syste...

MiracleLinux 3 : ruby-1.8.5-5.6 (AXSA:2008-536:04)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-536:04 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

MiracleLinux 3 : ruby-1.8.5-5.1.1AXS3 (AXSA:2008-86:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-86:01 advisory. Ruby is an interpreted scripting language for quick and easy object-oriented programming. CVE 2008-2662: Multiple integer overflows in the...

CVE-2025-68271 Unauthenticated Remote Code Execution in openc3-api

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of...

CLSA-2026-1768314331 ruby: Fix of CVE-2025-27221

CVE-2025-27221: fix credential leak by correctly truncating userinfo...

Astra Linux – Vulnerability in Ruby 3.1

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby, up to 3.2.1. The Time parser improperly handles invalid URLs that contain specific characters. This causes an increase in execution time when parsing strings into Time objects. The fixed versions are 0.1.1 and 0.2.2...

Astra Linux - уязвимость в ruby-webrick

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

Astra Linux - уязвимость в ruby-rack

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...

Astra Linux – Vulnerability in Ruby 3.1

In the CGI gem before version 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. This method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumpti...

Astra Linux – Vulnerability in Rubygems

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby, up to 3.2.1. The URI parser improperly handles invalid URLs that contain specific characters. This leads to an increase in the execution time required to parse strings into URI objects. The fixed versions are 0.12.1, 0.11.1...

MiracleLinux 9 : ruby:3.3 (AXSA:2025-11557:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11557:01 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 When using the + operator to combine URIs,...

MiracleLinux 8 : ruby:2.5 (AXSA:2025-9949:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9949:01 advisory. oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read CVE-2019-19012 rubygem-bundler: unexpected code...

MiracleLinux 8 : ruby:3.3 (AXSA:2025-11546:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11546:01 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 When using the + operator to combine URIs,...

MiracleLinux 8 : ruby:3.1 (AXSA:2025-9940:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9940:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

MiracleLinux 9 : ruby:3.1 (AXSA:2025-9941:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9941:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

MiracleLinux 7 : ruby-2.0.0.648-39.0.2.el7.AXS7 (AXSA:2025-9910:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9910:01 advisory. CVE-2025-27219: fix a potential Denial of Service DoS vulnerability in cookie parsing CVE-2025-27220: fix ReDoS vulnerability exists in the...

MiracleLinux 7 : ruby-2.0.0.648-39.0.3.el7.AXS7 (AXSA:2025-10921:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10921:03 advisory. CVE-2017-9226: fix a heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. CVE-2016-2338: fix heap overflo...