34 matches found
EUVD-2022-6242
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-31163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as tho...
[SECURITY] [DLA 3866-1] ruby-tzinfo security update
Debian LTS Advisory DLA-3866-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 03, 2024 https://wiki.debian.org/LTS -...
DLA-3866-1 ruby-tzinfo - security update
Bulletin has no description...
Debian: Security Advisory (DLA-3866-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian dla-3866 : ruby-tzinfo - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3866 advisory. Debian LTS Advisory DLA-3866-1 [email protected] https://www.debian.org/lts/security/...
OPENSUSE-SU-2024:14178-1 ruby3.3-rubygem-tzinfo-1.2-1.2.11-1.5 on GA media
These are all security issues fixed in the ruby3.3-rubygem-tzinfo-1.2-1.2.11-1.5 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13171-1 ruby3.2-rubygem-tzinfo-1.2-1.2.10-1.4 on GA media
These are all security issues fixed in the ruby3.2-rubygem-tzinfo-1.2-1.2.10-1.4 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12249-1 ruby3.1-rubygem-tzinfo-1.2-1.2.10-1.1 on GA media
These are all security issues fixed in the ruby3.1-rubygem-tzinfo-1.2-1.2.10-1.1 package on the GA media of openSUSE Tumbleweed...
rubygem-tzinfo: arbitrary code execution
A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...
Malicious code in tzinfo-i18n (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80d76ff3efd3a37e90d86c31f34ad01633504eb17709869928335523c66a2a55 The OpenSSF Package Analysis project identified 'tzinfo-i18n' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The package...
MAL-2023-12 Malicious code in tzinfo-i18n (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80d76ff3efd3a37e90d86c31f34ad01633504eb17709869928335523c66a2a55 The OpenSSF Package Analysis project identified 'tzinfo-i18n' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The package...
rubygem-tzinfo: arbitrary code execution
A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...
RHEL 7 : Red Hat Gluster Storage web-admin-build (RHSA-2023:1486)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1486 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python...
SUSE CVE-2022-31163
TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source,...
rubygem-tzinfo: arbitrary code execution
A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within t...
[SECURITY] [DLA 3077-1] ruby-tzinfo security update
Debian LTS Advisory DLA-3077-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 18, 2022 https://wiki.debian.org/LTS -...
DLA-3077-1 ruby-tzinfo - security update
Bulletin has no description...
SUSE-SU-2022:2765-1 Security update for rubygem-tzinfo
This update for rubygem-tzinfo fixes the following issues: - CVE-2022-31163: Fixed relative path traversal vulnerability that allows TZInfo::Timezone.get to load arbitrary files (bsc#1201835)...
openSUSE: Security Advisory for rubygem-tzinfo (SUSE-SU-2022:2592-1)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...