6 matches found
EUVD-2024-35247
Malicious code in bioql PyPI...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2594)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2542)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2429)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract...
CVE-2024-35221
Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.from_yaml. from_yaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...
PT-2024-5071 · Unknown · Rubygems.Org
Name of the Vulnerable Software and Affected Versions: RubyGems.org (affected versions not specified). Description: The issue is related to how Ruby reads the Manifest of Gem files when using Gem::Specification.from_yaml, which makes use of SafeYAML.load. This allows YAML aliases inside the YAML-bas...