Red Hat Security Advisory 2021-2229-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.
cea33ad0e2b62557766732321333596dRed Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.
e3874da2921faf9eb845a84c5bf2d476Red Hat Security Advisory 2021-2104-01.tt - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities.
2a9021fba3ddb0f54f14cb9a738b0b04OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.
b2ea2bd02abebc013ca6ae8665950e12Ubuntu Security Notice 4922-2 - USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Various other issues were also addressed.
1b5b7b7ac26e069df4ca39541f536606Ubuntu Security Notice 4922-1 - Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.
b1cdfd7ce654f38195dd8a4b7ac1e028Ubuntu Security Notice 3685-2 - USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem.
f156e986c66dcd65f01f2e7c3812a8feUbuntu Security Notice 4882-1 - It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Ruby incorrectly handled certain socket memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Various other issues were also addressed.
81a24afb7b9477db4f4abcf41514d69dRed Hat Security Advisory 2020-5554-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components.
f80dc5ae648876bf496b8b9551dfff53Red Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site request forgery vulnerability.
7b592d1c8a00ce955618e86db98f6569Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.
bd03d4978fc69d3110e68b9684b0e2b9Red Hat Security Advisory 2020-3358-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.
dbaeedb15bc59ebaac47e32fb56252f6OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.
0c4b5a66f0b188dd68ac3a5de13961d4Ruby On Rails version 5.0.1 remote code execution exploit.
6c0633d8ae026e22f98ff5981cbe2ff4Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
92679d78f903b676d9a0c4fa7f9945eeRed Hat Security Advisory 2020-2769-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
d863f41048b1ebe1f7f80eddca076cfeKeystone is a lightweight multi-platform, multi-architecture assembler framework. Highlight features include multi-architecture, with support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (include 16/32/64bit). It has a clean and lightweight architecture-neutral API. It's implemented in C/C++ languages, with bindings for Python, NodeJS, Ruby, Go and Rust available and also has native support for Windows and various Unix flavors.
358fb4dc10cac08d9463bb9c2c7a8695Red Hat Security Advisory 2020-2480-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Timing attack vulnerabilities have been addressed.
a50c222854a1da65e1b385d1b1bccd2fRed Hat Security Advisory 2020-2288-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
9e57a184e4c7e98b79f4e74f758bfc77Red Hat Security Advisory 2020-2212-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
2d553879d3f6203c6cc6b183b21ffa4bRed Hat Security Advisory 2020-1963-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
5ea73ae49b555df6ceffbfb717433758Gentoo Linux Security Advisory 202003-9 - A vulnerability in OpenID library for Ruby at worst might allow an attacker to bypass authentication. Versions less than 2.9.2 are affected.
2f698ac7bf2422801808d665be73b246Gentoo Linux Security Advisory 202003-6 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.4.9:2.4 are affected.
00261b5f5dfd330247bf1c17eb43ce1bRed Hat Security Advisory 2020-0663-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
2350e2bab5d86e998e3c1e3a1c793ff7Red Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
1466db90fcaec7836bac3cd15b7cb8d7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed