2168 matches found
rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse
oooooooq reports: The old versions of CGI::Cookie.parse applied URL decoding to cookie names. An attacker could exploit this vulnerability to spoof security prefixes in cookie names, which may be able to trick a vulnerable application. By this fix, CGI::Cookie.parse no longer decodes cookie names...
SUSE-SU-2021:3729-1 Security update for ardana-ansible, ardana-monasca, crowbar-openstack, influxdb, kibana, openstack-cinder, openstack-ec2-api, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-keystone, openstack-neutron-gbp, openstack-nova, python-eventlet, rubygem-redcarpet, rubygem-puma
This update for ardana-ansible, ardana-monasca, crowbar-openstack, influxdb, kibana, openstack-cinder, openstack-ec2-api, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-keystone, openstack-neutron-gbp, openstack-nova, python-eventlet, rubygem-redcarpet,...
SUSE-SU-2021:3728-1 Security update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma
This update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma contains the following fixes: Security fixes included in this update: rubygem-redcarpet:...
rubygem-date -- Regular Expression Denial of Service Vulnerability of Date Parsing Methods
Stanislav Valkanov reports: Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected...
Photon OS 2.0: Rubygem PHSA-2021-2.0-0413
An update of the rubygem package has been released. - A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file is being...
Fedora: Security Advisory for rubygem-rmagick (FEDORA-2021-df1fa3d3e0)
The remote host is missing an update for the...
openSUSE: Security Advisory for rubygem-activerecord-5_1 (openSUSE-SU-2021:1468-1)
The remote host is missing an update for the...
OPENSUSE-SU-2021:1468-1 Security update for rubygem-activerecord-5_1
This update for rubygem-activerecord-5_1 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169). This update was imported from the SUSE:SLE-15:Update update project...
PHSA-2021-2.0-0413
An update of 'rubygem-nokogiri' packages of Photon OS has been released...
Security update for rubygem-activerecord-5_1 (moderate)
openSUSE Security Update: Security update for rubygem-activerecord-5_1. Announcement ID: openSUSE-SU-2021:1468-1; Rating: moderate; References: 1182169; Cross-References: CVE-2021-22880; CVSS scores: CVE-2021-22880 (NVD): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, CVE-2021-22880 (SUSE): 5.3...
openSUSE: Security Advisory for rubygem-activerecord-5_1 (openSUSE-SU-2021:3634-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : rubygem-activerecord-5_1 (SUSE-SU-2021:3634-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:3634-1 advisory. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability...
openSUSE 15 Security Update : rubygem-activerecord-5_1 (openSUSE-SU-2021:3634-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:3634-1 advisory. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability...
OPENSUSE-SU-2021:3634-1 Security update for rubygem-activerecord-5_1
This update for rubygem-activerecord-5_1 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169)...
SUSE-SU-2021:3634-1 Security update for rubygem-activerecord-5_1
This update for rubygem-activerecord-5_1 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169)...
Security update for rubygem-activerecord-5_1 (moderate)
openSUSE Security Update: Security update for rubygem-activerecord-5_1. Announcement ID: openSUSE-SU-2021:3634-1; Rating: moderate; References: 1182169; Cross-References: CVE-2021-22880; CVSS scores: CVE-2021-22880 (NVD): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, CVE-2021-22880 (SUSE): 5.3...
RHEL 7 : rh-ruby30-ruby (RHSA-2021:3982)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3982 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Important Photon OS Security Update - PHSA-2021-4.0-0115
Updates of 'rubygem-nokogiri', 'password-store' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2021-0115
Updates of 'password-store', 'rubygem-nokogiri' packages of Photon OS have been released...
SUSE-SU-2021:3267-1 Security update for rubygem-activerecord-4_2
This update for rubygem-activerecord-4_2 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169)...