Red Hat Security Advisory 2021-3559-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
3bcafc3afe5aa4e9f4251126406b75530da9675dfa4bf6acc6bf586fe9b6c45e
Red Hat Security Advisory 2021-3020-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
c6cc28a413af73329b50f0bed720bee159e0591e4902a6b5eb92fb5b4a5fa1ba
Ubuntu Security Notice 5020-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Various other issues were also addressed.
ef2211358578c8a48450c1d52656dc5137ab6ffad837d9d5b87e19b92ac24d05
Red Hat Security Advisory 2021-2588-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.
5af35473aa05be14b339ef6700164c127af3a9a9f71ad62e2221b2b6addb8987
Red Hat Security Advisory 2021-2587-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities.
5fbf960ff4484cd6f2ef69e135f605145b9a2a39f1b978087c354f225d411a0f
Red Hat Security Advisory 2021-2584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.
15b2e047a57627938781b690d083b349e5f03bf97589594bea480a81142efcba
This ruby script is a 4-in-1 exploit that leverages shell upload, bypass, and information disclosure vulnerabilities in Monitorr version 1.7.6m.
4e0943b39fe8d3aa212ab05eca89a795f48e2fb9a93af0d03270d8b8be76b4de
Red Hat Security Advisory 2021-2229-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.
09cf314ddadf612a7ac6a39c7b50c8561ab57a1f8f3498ac527da04b443821a9
Red Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.
7f44016fa2acb5c0eef19435e7da178e870b55a93bc1aadb7ac11648d84d09ce
Debian Linux Security Advisory 4918-1 - Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources.
aad43033fd2d923343981ed3f9f6cf6e629a5e445a969a1991a2feeb576f243c
Red Hat Security Advisory 2021-2104-01.tt - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities.
a48465f7ceae469f6c4a53e76d812b67eeab7919dcdf43f046cfc5753b387376
OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.
b82e6c61d40806f2604b1313677e7f7e64221c2886c94d83d210370a8aca9611
Debian Linux Security Advisory 4890-1 - Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.
60fe6ac5fd6c7b4347f726fe140eae03e02e88ad5e42ce04e067b8d63dd4276d
Ubuntu Security Notice 4922-2 - USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Various other issues were also addressed.
96b1c27761aa4515d434bb88738c784659440ebe67ff98e0ef81fba1977acc46
Ubuntu Security Notice 4922-1 - Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.
cf2ecedb6dc196e4af175809b78647a6357efa199acf1dec4b27a28339ad47d1
Ubuntu Security Notice 3685-2 - USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem.
e7a582a1d121ff1533a65726ffe5c500c137492e966e1ec7c0aec8d1c81203b7
Ubuntu Security Notice 4882-1 - It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Ruby incorrectly handled certain socket memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Various other issues were also addressed.
283a88217feec850de336cca9e09f282e9c9a4430901603c938294b461152b82
Debian Linux Security Advisory 4831-1 - Johan Smits discovered that ruby-redcarpet, a markdown parser, did not properly validate its input. This would allow an attacker to mount a cross-site scripting attack.
c44d3382c1f80e8cf0550616c6754cf2d8909778050390bda5bc76cc7db10c35
Red Hat Security Advisory 2020-5554-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components.
72fb7d8159605d793b6364a140d58c4f6dab3bb0fb53bd87cd5693cc736d1520
Red Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site request forgery vulnerability.
d7a924fa93f1dc0be2809f3ed8f22321634d261660f39a52c638e3618931c2a5
Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.
180aa53cbca05482454904febdf9c008320039952a59725600229f347d9d9357
Debian Linux Security Advisory 4743-1 - A flaw was discovered in ruby-kramdown, a fast, pure ruby, Markdown parser and converter, which could result in unintended read access to files or unintended embedded Ruby code execution when the {::options /} extension is used together with the 'template' option.
6bc52df88c96692e59b5c7202800ee946dcb53dad8e3bb0a1c3b8d8e00c387df
Red Hat Security Advisory 2020-3358-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.
a138441bfdebc4ca9e9ff48d83058e48eaa636fac11e78743531b2cd4814d228
OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.
7f48877b7731f082b5433de3e5ae805d4a0f4a8de62daf8987025281c09c42ae
Debian Linux Security Advisory 4721-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.
9aa54c2ada8b1eb75af8ee2154b8d8568f76ccb35ac271c0dd0ad75a08cfdddf