ROS-20260508-73-0003

Vulnerability in rubygem-activestorage related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

ROS-20260508-73-0005

Vulnerability in rubygem-activestorage related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

ROS-20260508-73-0004

Vulnerability in rubygem-activesupport related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260508-73-0006

Vulnerability in rubygem-activestorage related to uncontrolled memory allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Important: Red Hat Security Advisory: Satellite 6.16.8 Async Update

An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 9 : Satellite 6.17.8 Async Update (Important) (RHSA-2026:14873)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14873 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

Photon OS 4.0: Rubygem PHSA-2026-4.0-1005

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1005. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ROS-20260506-73-0040

Vulnerability in rubygem-actionview due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Photon OS 5.0: Rubygem PHSA-2026-5.0-0835

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0835. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ROS-20260506-73-0041

Vulnerability in rubygem-activesupport related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

RHCOS 6 : rubygem (RHSA-2013:0728)

The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0728 advisory. - rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template CVE-2013-0256 Note that Nessus h...

RHCOS 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)

The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0701 advisory. - rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template CVE-2013-0256 -...

RHCOS 2 : rubygem-openshift-origin-console (RHSA-2015:1808)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1808 advisory. - 2.2: API command injection vulnerability CVE-2015-5274 Note that Nessus has not tested for this issue but has instead relied only on the...

RHCOS 2 : rubygem-openshift-origin-node (RHSA-2014:0530)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:0530 advisory. - OpenShift: downloadable cartridge source url file command execution as root CVE-2014-0233 Note that Nessus has not tested for this issue bu...

RHCOS 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)

The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attributedos Symbol DoS vulnerability CVE-2013-1854 Note that Nessus has not tested for this issue but has instead...

RHCOS 1 : rubygem-passenger (RHSA-2013:1136)

The remote Red Hat Enterprise Linux CoreOS 1 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1136 advisory. - rubygem-passenger: incorrect temporary file usage CVE-2013-2119 - rubygem-passenger: insecure temporary directory usage due to reu...

RHCOS 2 : rubygem-openshift-origin-node (RHSA-2014:0763)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:0763 advisory. - Origin: Command execution as root via downloadable cartridge source-url CVE-2014-3496 Note that Nessus has not tested for this issue but ha...

RHCOS 2 : rubygem-openshift-origin-node (RHSA-2014:0529)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:0529 advisory. - OpenShift: downloadable cartridge source url file command execution as root CVE-2014-0233 Note that Nessus has not tested for this issue bu...

RHCOS 6 : rubygem-activesupport (RHSA-2013:0202)

The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0202 advisory. - rubygem-activesupport: json to yaml parsing CVE-2013-0333 Note that Nessus has not tested for this issue but has instead relied only on the...

RHCOS 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)

The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0698 advisory. - rubygem-actionpack: csssanitization: XSS vulnerability in sanitizecss CVE-2013-1855 - rubygem-actionpack: sanitizeprotocol: XSS...