what you don't know can hurt you
Showing 1 - 25 of 504 RSS Feed

Ruby Files

Debian Security Advisory 4433-1
Posted Apr 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, ruby
systems | linux, debian
advisories | CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325
MD5 | cde89a6b98e0742a91f9ce6c76c269a6
Ubuntu Security Notice USN-3945-1
Posted Apr 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3945-1 - It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2019-8320, CVE-2019-8324
MD5 | e31c0b3ee67169a56b90d68e0524ec93
Red Hat Security Advisory 2019-0600-01
Posted Mar 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0600-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a deserialization vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2018-16476
MD5 | 1851ff3f967e78cafa8097e80c42894d
Red Hat Security Advisory 2019-0315-01
Posted Feb 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0315-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2018-11627
MD5 | 37af4fadd68586d2c557578b4aa96179
Red Hat Security Advisory 2019-0212-01
Posted Feb 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2018-11627
MD5 | 6577192796db1ab307a7960b52e49ff6
Debian Security Advisory 4364-1
Posted Jan 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4364-1 - It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2018-16468
MD5 | 1ac92e51a244345f0cc61b7ed70eaece
Debian Security Advisory 4358-1
Posted Dec 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4358-1 - The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2018-3740
MD5 | 5871c1514b94b71b02b3d526961e0662
Red Hat Security Advisory 2018-3816-01
Posted Dec 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include memory disclosure and client-side security problems.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2018-1053, CVE-2018-1058, CVE-2018-10915, CVE-2018-10925
MD5 | 8e006513de19d1c89ea0cf3c9d7db529
Red Hat Security Advisory 2018-3738-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3738-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a name equality check.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2018-16395
MD5 | b37cd6a549c5f7b2962bc22ae44d93f7
Red Hat Security Advisory 2018-3731-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3731-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | d886b0561d5de848dd645b607873d4c9
Red Hat Security Advisory 2018-3730-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3730-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | 928cb22a25c79f7c4549eddb2a4fcf7f
Red Hat Security Advisory 2018-3729-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3729-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | 9e1a463c11457fad95d3d1a9a42945d8
Ubuntu Security Notice USN-3808-1
Posted Nov 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3808-1 - It was discovered that Ruby incorrectly handled certain X.509 certificates. An attacker could possibly use this issue to bypass the certificate check. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2018-16395, CVE-2018-16396
MD5 | 40861160d83fcf2ea2b6534d3fc4fe66
Red Hat Security Advisory 2018-3466-01
Posted Nov 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-1000544
MD5 | c8fd9daeba7ca15104e6c47fe5878c20
Debian Security Advisory 4332-1
Posted Nov 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4332-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2018-16395, CVE-2018-16396
MD5 | e9c4818aa6963d8109d3854620683e24
Red Hat Security Advisory 2018-2745-01
Posted Sep 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2745-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, web, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-10905, CVE-2018-3760
MD5 | 71d921baf1c377550682429bed433a41
Red Hat Security Advisory 2018-2561-01
Posted Sep 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2561-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, web, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-10905, CVE-2018-3760
MD5 | b9be0002e51a4672521b2f07d2e5bf6f
Debian Security Advisory 4283-1
Posted Sep 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4283-1 - It was discovered that ruby-json-jwt, a Ruby implementation of JSON web tokens performed insufficient validation of GCM auth tags.

tags | advisory, web, ruby
systems | linux, debian
advisories | CVE-2018-1000539
MD5 | 6c807bab6935c80577431de085fea133
Debian Security Advisory 4259-1
Posted Aug 1, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4259-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure.

tags | advisory, web, vulnerability, info disclosure, ruby
systems | linux, debian
advisories | CVE-2017-17405, CVE-2017-17742, CVE-2017-17790, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | a76e5483b8c8bfad98c37d0bb78f7568
Red Hat Security Advisory 2018-2245-01
Posted Jul 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2245-01 - Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as well as a powerful preprocessor pipeline that allows to write assets in languages like CoffeeScript, Sass and SCSS. Issues addressed include a traversal vulnerability.

tags | advisory, web, javascript, ruby
systems | linux, redhat
advisories | CVE-2018-3760
MD5 | 4cddbf970a525c46f424b9018ec2be7a
Red Hat Security Advisory 2018-2244-01
Posted Jul 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2244-01 - Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as well as a powerful preprocessor pipeline that allows to write assets in languages like CoffeeScript, Sass and SCSS. Issues addressed include a traversal vulnerability.

tags | advisory, web, javascript, ruby
systems | linux, redhat
advisories | CVE-2018-3760
MD5 | c8e6a8b16ca9c1af84c6ecdfe2748f94
Debian Security Advisory 4247-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4247-1 - A timing attack was discovered in the function for CSRF token validation of the "Ruby rack protection" framework.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2018-1000119
MD5 | 39d070355f9db731ccc28b7ee0afba09
Red Hat Security Advisory 2018-2184-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | c5d3d6f4de0a1d1ab0c9c8776805feee
Debian Security Advisory 4242-1
Posted Jul 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4242-1 - Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

tags | advisory, remote, arbitrary, root, ruby
systems | linux, debian
advisories | CVE-2018-3760
MD5 | 106d6b21a5ae2a721cddf96019f8467d
Red Hat Security Advisory 2018-1972-01
Posted Jun 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1972-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, web, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-1101, CVE-2018-1104, CVE-2018-7750
MD5 | 2d02fb099c4f020b7ef7ac6a494c5585
Page 1 of 21
Back12345Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close