Oracle Linux 9 : ruby:3.3 (ELSA-2026-18030)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18030 advisory. - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 - Fix possible denial of service in resolv gem...

MiracleLinux 8 : ruby:2.5 (AXSA:2024-8560:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8560:01 advisory. rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability in StringIO...

MiracleLinux 8 : ruby:3.1 (AXSA:2024-8503:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8503:01 advisory. ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: Arbitrary memo...

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8491:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8491:01 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memo...

MiracleLinux 8 : ruby:3.0 (AXSA:2024-8502:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8502:01 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

TencentOS Server 3: ruby (TSSA-2024:0331)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0331 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

macOS 26.x < 26.0 Multiple Vulnerabilities (125110)

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.0. It is, therefore, affected by multiple vulnerabilities: - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could...

macOS 14.x < 14.8 Multiple Vulnerabilities (125112)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.8. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be...

Linux Distros Unpatched Vulnerability : CVE-2024-27280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods o...

OESA-2024-1433 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a...