OPENSUSE-SU-2024:14178-1 ruby3.3-rubygem-tzinfo-1.2-1.2.11-1.5 on GA media

These are all security issues fixed in the ruby3.3-rubygem-tzinfo-1.2-1.2.11-1.5 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13171-1 ruby3.2-rubygem-tzinfo-1.2-1.2.10-1.4 on GA media

These are all security issues fixed in the ruby3.2-rubygem-tzinfo-1.2-1.2.10-1.4 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : Red Hat Gluster Storage web-admin-build (RHSA-2023:1486)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1486 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python...

rubygem-tzinfo: arbitrary code execution

A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...

SUSE-SU-2022:2765-1 Security update for rubygem-tzinfo

This update for rubygem-tzinfo fixes the following issues: - CVE-2022-31163: Fixed relative path traversal vulnerability that allows TZInfo::Timezone.get to load arbitrary files bsc1201835...

openSUSE: Security Advisory for rubygem-tzinfo (SUSE-SU-2022:2592-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : rubygem-tzinfo (SUSE-SU-2022:2592-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2592-1 advisory. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to...

SUSE-SU-2022:2592-1 Security update for rubygem-tzinfo

This update for rubygem-tzinfo fixes the following issues: - CVE-2022-31163: Fixed relative path traversal vulnerability that allows TZInfo::Timezone.get to load arbitrary files bsc1201835...

CVE-2022-31163

A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...