Lucene search
+L

55 matches found

redhatcve
redhatcve
added 2026/05/19 5:32 p.m.10 views

CVE-2026-8388

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

7.5CVSS5.7AI score0.00244EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-16183

Malware in sbrugna...

5.3CVSS7.4AI score0.00779EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-28756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. I...

5.3CVSS7.2AI score0.02452EPSS
Exploits0References4
osv
osv
added 2025/01/27 7:20 a.m.13 views

BIT-RUBY-MIN-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

5.3CVSS6.9AI score0.02452EPSS
Exploits0References12
nessus
nessus
added 2024/04/18 12:0 a.m.21 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : ruby Vulnerability (NS-SA-2024-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ruby packages installed that are affected by a vulnerability: - A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. ...

5.3CVSS7.9AI score0.02452EPSS
Exploits0References3
nessus
nessus
added 2024/04/05 12:0 a.m.31 views

Rocky Linux 9 : ruby:3.1 (RLSA-2024:1576)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1576 advisory. - The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that...

8.8CVSS8.1AI score0.02637EPSS
Exploits1References9
nessus
nessus
added 2024/04/03 12:0 a.m.50 views

AlmaLinux 9 : ruby:3.1 (ALSA-2024:1576)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1576 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability - upstream's...

8.8CVSS7.8AI score0.02637EPSS
Exploits1References5
nessus
nessus
added 2024/04/01 12:0 a.m.36 views

RHEL 9 : ruby:3.1 (RHSA-2024:1576)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1576 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.8CVSS7.9AI score0.02637EPSS
Exploits1References11
nessus
nessus
added 2024/03/21 12:0 a.m.39 views

AlmaLinux 8 : ruby:3.1 (ALSA-2024:1431)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1431 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability - upstream's...

8.8CVSS7.8AI score0.02637EPSS
Exploits1References5
osv
osv
added 2024/03/06 11:4 a.m.36 views

BIT-RUBY-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

5.3CVSS7.2AI score0.02452EPSS
Exploits0References12
nessus
nessus
added 2024/01/24 12:0 a.m.31 views

GLSA-202401-27 : Ruby: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-27 Ruby: Multiple vulnerabilities - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header...

9.8CVSS8.1AI score0.04766EPSS
Exploits6References18
nessus
nessus
added 2023/11/14 12:0 a.m.51 views

RHEL 8 : ruby:2.5 (RHSA-2023:7025)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7025 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.8CVSS7.8AI score0.04127EPSS
Exploits1References13
nessus
nessus
added 2023/10/25 12:0 a.m.42 views

SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2023:4176-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4176-1 advisory. - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. bsc1209891 - CVE-2023-28756: Fixed an...

8.8CVSS7.1AI score0.03222EPSS
Exploits2References13
nessus
nessus
added 2023/09/27 12:0 a.m.70 views

Amazon Linux 2 : ruby (ALASRUBY3.0-2023-001)

The version of ruby installed on the remote host is prior to 3.0.6-156. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY3.0-2023-001 advisory. A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles...

5.3CVSS8AI score0.02637EPSS
Exploits0References6
nessus
nessus
added 2023/08/31 12:0 a.m.97 views

Rocky Linux 8 : ruby:2.7 (RLSA-2023:3821)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3821 advisory. - The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that...

8.8CVSS8AI score0.02637EPSS
Exploits1References8
openvas
openvas
added 2023/07/10 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2321)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6AI score0.02452EPSS
Exploits0References2
openvas
openvas
added 2023/07/10 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2023-2341)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6AI score0.02452EPSS
Exploits0References2
nessus
nessus
added 2023/07/09 12:0 a.m.20 views

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2023-2341)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific...

5.3CVSS7.9AI score0.02452EPSS
Exploits0References2
nessus
nessus
added 2023/06/21 12:0 a.m.40 views

Ubuntu 23.04 : Ruby vulnerabilities (USN-6181-1)

The remote Ubuntu 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6181-1 advisory. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker coul...

8.8CVSS7.9AI score0.02637EPSS
Exploits1References4
nessus
nessus
added 2023/06/13 12:0 a.m.31 views

Amazon Linux 2 : ruby (ALAS-2023-2084)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2084 advisory. A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs...

5.3CVSS7.9AI score0.02452EPSS
Exploits0References4
Rows per page
Query Builder