4 matches found
ruby security update
ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...
2.5 bug fix update
An update is available for rubygem-bson, rubygem-mysql2, rubygem-bundler, ruby, rubygem-mongo, rubygem-pg, rubygem-abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
FreeBSD : rubygem-bson -- DoS and possible injection (f5225b23-192d-11e5-a1cf-002590263bf5)
Phill MV reports : By submitting a specially crafted string to a service relying on the bson rubygem, an attacker may trigger denials of service or even inject data into victim's MongoDB instances. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
rubygem-bson -- DoS and possible injection
Phill MV reports: By submitting a specially crafted string to a service relying on the bson rubygem, an attacker may trigger denials of service or even inject data into victim's MongoDB instances...