ruby4.0-rubygem-rubyzip-2.3.2-1.19 on GA media (moderate)

ruby4.0-rubygem-rubyzip-2.3.2-1.19 on GA media Announcement ID: openSUSE-SU-2026:10363-1 Rating: moderate Cross-References: CVE-2017-5946 CVE-2018-1000544 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issue...

OPENSUSE-SU-2026:10363-1 ruby4.0-rubygem-rubyzip-2.3.2-1.19 on GA media

These are all security issues fixed in the ruby4.0-rubygem-rubyzip-2.3.2-1.19 package on the GA media of openSUSE Tumbleweed...

EUVD-2017-0236

Malware in sbrugna...

EUVD-2018-0470

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-16892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allow...

Linux Distros Unpatched Vulnerability : CVE-2017-5946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker...

Linux Distros Unpatched Vulnerability : CVE-2018-1000544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to th...

OPENSUSE-SU-2024:14176-1 ruby3.3-rubygem-rubyzip-2.3.2-1.15 on GA media

These are all security issues fixed in the ruby3.3-rubygem-rubyzip-2.3.2-1.15 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11352-1 ruby2.7-rubygem-rubyzip-2.3.2-1.2 on GA media

These are all security issues fixed in the ruby2.7-rubygem-rubyzip-2.3.2-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13168-1 ruby3.2-rubygem-rubyzip-2.3.2-1.11 on GA media

These are all security issues fixed in the ruby3.2-rubygem-rubyzip-2.3.2-1.11 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : tfm-rubygem-rubyzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file...

RHEL 7 : rubyzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file...

RHEL 7 : CloudForms 4.6.5 (RHSA-2018:3466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3466 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

SUSE CVE-2017-5946

The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem...

SUSE CVE-2018-1000544

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file...

SUSE CVE-2019-16892

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption...

OESA-2022-1542 rubygem-rubyzip security update

A ruby module for reading and writing zip files. Security Fixes: In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption.CVE-2019-16892...

Mageia: Security Advisory (MGASA-2017-0264)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Discourse < 2.4.0.beta5 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

Fedora Update for rubygem-rubyzip FEDORA-2019-8ecd991303

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...