2167 matches found
Unity Linux 20.1070e Security Update: rubygem-webrick (UTSA-2025-673493)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-673493 advisory. An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a...
pcs security update
An update is available for pcs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The pcs packages provide a command-line configuration system for the Pacemaker an...
RockyLinux 9 : pcs (RLSA-2025:8256)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:8256 advisory. rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727). Tenable has extracted the preceding description block directly from the RockyLinux...
EUVD-2022-3027
Malicious code in bioql PyPI...
EUVD-2022-2947
Malicious code in bioql PyPI...
EUVD-2022-2099
Malicious code in bioql PyPI...
CVE-2025-54314 affecting package rubygem-thor for versions less than 1.2.1-3
CVE-2025-54314 affecting package rubygem-thor for versions less than 1.2.1-3. A patched version of the package is available...
Photon OS 4.0: Rubygem PHSA-2025-4.0-0867
An update of the rubygem package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0867. The text itself is copyright (C) VMware, Inc...
Important Photon OS Security Update - PHSA-2025-5.0-0615
Updates of 'rubygem-webrick' packages of Photon OS have been released...
Moderate Photon OS Security Update - PHSA-2025-4.0-0867
Updates of 'rubygem-webrick' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2020-5216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Secure Headers RubyGem secureheaders, a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was...
Linux Distros Unpatched Vulnerability : CVE-2021-21305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and...
RockyLinux 8 : pcs (RLSA-2025:8254)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8254 advisory. rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727). tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287). Tenable h...
RLSA-2025:8254 Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727); tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287). For more details about the securit...
pcs security update
An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The pcs packages provide a command-line configuration system for the Pacemaker an...
AZL-65631 CVE-2025-54314 affecting package rubygem-thor for versions less than 1.2.1-3
Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...
AZL-65613 CVE-2025-54314 affecting package rubygem-thor 1.2.1-1
Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...
Fedora 43 : rubygem-actioncable / rubygem-actionmailbox / rubygem-actionmailer / etc (2025-203b7db566)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-203b7db566 advisory. https://fedoraproject.org/wiki/Changes/RubyonRails8.0 Tenable has extracted the preceding description block directly from the Fedora security...
pcs security update
0.10.18-2.0.1.6 - Replace HAM-logo.png with a generic one. 0.10.18-2.el810.6 - Fixed CVE-2024-49761 by updating rubygem rexml. Resolves: RHEL-98708...
CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-43398)
The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43398 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it...