2167 matches found
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0127-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0275-1)
openSUSE: Security Advisory for rubygem (openSUSE-SU-2023:0350)
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3714-1)
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0276-1)
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3229-1)
CVE-2024-26142
A flaw was found in actionpack rubygem during the parsing of the Accept header. This issue may allow a malicious actor to craft a header which will lead the action dispatch component to take an unexpected amount of time, leading to a Denial of Service, impacting the application's availability...
CVE-2024-26146
A denial of service (DoS) vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Mitigation: No mitigati...
CVE-2024-25126
A denial of service (DoS) vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability. Mitigation: No mitigation is currently...
Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Updated Satellite 6.14 packages that fix Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...
Fedora: Security Advisory (FEDORA-2024-2648dd2e0e)
Fedora: Security Advisory for rubygem-httparty (FEDORA-2024-a5aad4eede)
SUSE-SU-2024:0103-1 Security update for rubygem-actionpack-5_1
This update for rubygem-actionpack-5_1 fixes the following issues: - CVE-2020-8166: Fixed ability to forge per-form CSRF tokens given a global CSRF bsc1172182...
SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2024:0103-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0103-1 advisory. - A CSRF forgery vulnerability exists in rails 5.2.5, rails 6.0.4 that makes it possible for an attacker to, given a global CSRF token suc...
[SECURITY] Fedora 39 Update: rubygem-httparty-0.18.1-9.fc39
Makes http fun! Also, makes consuming restful web services dead easy...
[SECURITY] Fedora 38 Update: rubygem-httparty-0.18.1-9.fc38
Makes http fun! Also, makes consuming restful web services dead easy...
Fedora 39 : rubygem-httparty (2024-2648dd2e0e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2648dd2e0e advisory. Fix CVE-2024-22049 httparty: multipart/form-data request vulnerable to tampering Tenable has extracted the preceding description block directly from...
Fedora 38 : rubygem-httparty (2024-a5aad4eede)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a5aad4eede advisory. Fix CVE-2024-22049 httparty: multipart/form-data request vulnerable to tampering Tenable has extracted the preceding description block directly from...
CVE-2024-21647
A flaw was found in Puma rubygem. Versions prior to 6.4.2 are susceptible to an HTTP smuggling attack when parsing chunked transfer encoding bodies on HTTP messages, which don't limit the size of the message chunk extensions. This issue may lead to uncontrolled resource consumption, possibly resultin...
DoS (Denial of Service) net.sourceforge.nekohtml:nekohtml Vulnerability in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 4.20.0, 5.4.0, 5.5.0, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...