2168 matches found
RubyGem Rack Security Vulnerability
RubyGem Rack is a modular interface between a web server and a web application developed using the Ruby programming language. A security vulnerability exists in RubyGem Rack that stems from the presence of a code execution issue...
Fedora: Security Advisory for rubygem-jmespath (FEDORA-2022-779e050244)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for rubygem-mechanize (FEDORA-2022-6b1b324753)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-jmespath (FEDORA-2022-13d49faee0)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-mechanize (FEDORA-2022-fda14723ec)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: rubygem-jmespath-1.6.1-1.fc35
Implements JMESPath for Ruby...
SUSE SLES15 Security Update : rubygem-actionpack-5_1, rubygem-activesupport-5_1 (SUSE-SU-2022:2108-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2108-1 advisory. - The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the...
openSUSE: Security Advisory for rubygem-actionpack-5_1, (SUSE-SU-2022:2108-1)
The remote host is missing an update for the...
SUSE-SU-2022:2046-1 Security update for rubygem-sinatra
This update for rubygem-sinatra fixes the following issues: - CVE-2022-29970: Fixed possible path traversal outside of public_dir when serving static files (bsc#1199138)...
Amazon Linux AMI : rubygem-nokogiri, rubygem18-nokogiri (ALAS-2022-1595)
The version of rubygem18-nokogiri installed on the remote host is prior to 1.5.11-1.16. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1595 advisory. Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this...
Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect
Summary Mechanize rubygem Cookies do not provide isolation by port. If a cookie is readable by a service running on one port, the cookie is also readable by a service running on another port of the same server. If a cookie is writable by a service on one port, the cookie is also writable by a...
CVE-2022-31033 Authorization header leak in rubygem Mechanize
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site...
Important Photon OS Security Update - PHSA-2022-0399
Updates of 'mariadb', 'libxml2', 'rubygem-yajl-ruby', 'linux', 'linux-aws', 'linux-secure', 'linux-esx', 'linux-rt' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2022-3.0-0399
Updates of 'linux-aws', 'mariadb', 'rubygem-yajl-ruby', 'linux-esx', 'linux', 'linux-secure', 'linux-rt', 'libxml2' packages of Photon OS have been released...
SUSE-SU-2022:1918-1 Security update for rubygem-yajl-ruby
This update for rubygem-yajl-ruby fixes the following issue: - CVE-2022-24795: Fixed a heap-based buffer overflow when handling large inputs due to an integer overflow (bsc#1198405)...
Fedora: Security Advisory for rubygem-git (FEDORA-2022-353e1cf8b6)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-git (FEDORA-2022-f09e0d8b0e)
The remote host is missing an update for the...
CVE-2020-7021 affecting package rubygem-elasticsearch 7.6.0-1
CVE-2020-7021 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1
CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22134 affecting package rubygem-elasticsearch 7.6.0-1
CVE-2021-22134 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...