Debian Linux Security Advisory 4721-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.
9aa54c2ada8b1eb75af8ee2154b8d8568f76ccb35ac271c0dd0ad75a08cfdddf
Debian Linux Security Advisory 4730-1 - Michal Bentkowski discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML sanitization bypass vulnerability when using the "relaxed" or a custom config allowing certain elements. Content in a <math> or <svg> element may not be sanitized correctly even if math and svg are not in the allowlist.
841aefd63808ad7adc10707677debc3dc7eae1c4b7ed749e71ba9b880b422a23
Ruby On Rails version 5.0.1 remote code execution exploit.
683d5a9b1afa700a03c9691bb24a66690a1d3638f1a51a479caba5d775183dde
Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
5d0415863a7ac6ac661eb3ddbe07e712d47dda455f58ec5fd3e138424ef84c8a
Red Hat Security Advisory 2020-2769-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
545889e378a1726819f4eccfed7bea2b2bf0b6cea542c1e2e8ce3ff2d5ad53c1
Keystone is a lightweight multi-platform, multi-architecture assembler framework. Highlight features include multi-architecture, with support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (include 16/32/64bit). It has a clean and lightweight architecture-neutral API. It's implemented in C/C++ languages, with bindings for Python, NodeJS, Ruby, Go and Rust available and also has native support for Windows and various Unix flavors.
c9b3a343ed3e05ee168d29daf89820aff9effb2c74c6803c2d9e21d55b5b7c24
Red Hat Security Advisory 2020-2480-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Timing attack vulnerabilities have been addressed.
9e63ef4400d812ae1945b2df0d03fce729a14dbc358e52c1d7f3026094f03bce
Red Hat Security Advisory 2020-2288-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
6057050ab3c64cb99a8163b4e83a90ad7fc59730961fc0ad917e9756045e4774
Red Hat Security Advisory 2020-2212-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
204fe9e162ddd4ea0a9b35105fb63a1dffd81b6842577dafec073b364e4e4943
Red Hat Security Advisory 2020-1963-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
d89c1f72c11415c877a264f7eb82847e1dc247053f8bb44de1251e355f54f717
Gentoo Linux Security Advisory 202003-9 - A vulnerability in OpenID library for Ruby at worst might allow an attacker to bypass authentication. Versions less than 2.9.2 are affected.
5aafdc678174f897f8b4b4e0e91f0b6dec0394a81064cf14ba0b2e0cb7269ed8
Gentoo Linux Security Advisory 202003-6 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.4.9:2.4 are affected.
9a9257b84a08231560b0f6dbe0d09d2e0afac6b539fe8370b12d7ceeb3bb27ab
Red Hat Security Advisory 2020-0663-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
e0107cb7986229680e31e1bbd0c5628975549a8bf69add5599076c8baacb57a6
Red Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
6e60f83a7899b23721090dd7233a10b58aecb9b303e627934ee3b4be58c71833
Red Hat Security Advisory 2020-0589-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A remote code execution vulnerability has been addressed.
72b85f78832b028a25adbb0e1b3d74a8a46515b97d66312ac283e4c4668085da
Red Hat Security Advisory 2020-0588-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A remote code execution vulnerability has been addressed.
76dabe1fb1f83704fe07415992cc6ce59ac0ca564a556f595df6cccd087ebe63
Red Hat Security Advisory 2020-0542-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
4f19a78dd5d3c61c3ce79c0d1075a43722dda00bc3563f1213bddfe1887eb30d
Debian Linux Security Advisory 4586-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which could result in unauthorized access by bypassing intended path matchings, denial of service, or the execution of arbitrary code.
89a3287a7f18397cf7ba29822602a738221673bb04079089b1021a5cfa501551
Debian Linux Security Advisory 4587-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which could result in unauthorized access by bypassing intended path matchings, denial of service, or the execution of arbitrary code.
b4e4a598ec0f678c29f0d18792ae30cb04d3da8c85a26fdb228bdc23b74dad38
Red Hat Security Advisory 2019-4201-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a denial of service vulnerability.
5acc286f048730b53f20113cb3a7b425a464d583c7b9e562811a50c821f500e6
Ubuntu Security Notice 4201-1 - It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain HTTP headers. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
fb5207d2d5cd13b28e5fc571f6f9365cd6eb101ba786fb264b4bd1794b1d6f86
Red Hat Security Advisory 2019-2806-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
578ebcf4bc739d63cf9d017f09cf78dc93a26132c534ab18b05662020e5ef80d
Red Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.
89b9f7500052fdb49625bbc8a8734904b10ccb16484d2ad58eaf340ea1707561
Red Hat Security Advisory 2019-2565-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. An OpenSSL issue was addressed where an X509 name equality check did not work correctly.
935cc6c3b1e5db1458c55ac7bd5923c3cb3ad5b2cfb9f8be3de685a814df4c15
Red Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An improper authorization issue was addressed.
534d30174dfb322aaf0fafa9a7a2e1c9ad9cace1cb0ec33d283ab9e63df54fde