Showing 1 - 6 of 6

CVE-2021-41819

Status Candidate

Overview

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

Red Hat Security Advisory 2022-0708-01: Posted Mar 1, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0708-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, code execution, ruby; systems | linux, redhat; advisories | CVE-2020-36327, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819; SHA-256 | f83547ba4736bf0787d355efe1d9f8bfeb8c4feba15c83208f06fc61783cd7d3; Download | Favorite | View

Red Hat Security Advisory 2022-0582-01: Posted Feb 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0582-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, code execution, denial of service, information leakage, and spoofing vulnerabilities.; tags | advisory, web, denial of service, spoof, vulnerability, code execution, ruby; systems | linux, redhat; advisories | CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2020-36327, CVE-2021-28965, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819; SHA-256 | 28f434c8a7e0c5a9a457c78e1d0a72539ecb56d9a3673853dd0aa3595f619eda; Download | Favorite | View

Red Hat Security Advisory 2022-0581-01: Posted Feb 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0581-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, code execution, denial of service, information leakage, and spoofing vulnerabilities.; tags | advisory, web, denial of service, spoof, vulnerability, code execution, ruby; systems | linux, redhat; advisories | CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2020-36327, CVE-2021-28965, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819; SHA-256 | 8bd21cf01e10e7a947db8efca057a501595b8383a816b9f497a90e17a13ebc45; Download | Favorite | View

Red Hat Security Advisory 2022-0544-01: Posted Feb 17, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0544-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, code execution, ruby; systems | linux, redhat; advisories | CVE-2020-36327, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819; SHA-256 | ceb41e93f7a4f1064aec7c5b8bc73d5be2c606f6aff3d1f38923815c8a60f0aa; Download | Favorite | View

Red Hat Security Advisory 2022-0543-01: Posted Feb 17, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0543-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, code execution, ruby; systems | linux, redhat; advisories | CVE-2020-36327, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819; SHA-256 | dfdba266365e044f1046b80b1a63a79d7490623a6a4906cec8a75fe7353d9087; Download | Favorite | View

Ubuntu Security Notice USN-5235-1: Posted Jan 19, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.; tags | advisory, denial of service, ruby; systems | linux, ubuntu; advisories | CVE-2021-41816, CVE-2021-41817, CVE-2021-41819; SHA-256 | a6359db1c94f5fd218ffeb0030ff14aadcb0e1fa663d178749a56f56c3ad47c9; Download | Favorite | View

Page 1 of 1 Back 1 Next