Download
| Alert*
oval:org.secpod.oval:def:2500703
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:78163 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:706283 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:78166 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:507109 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * ruby: Regular expression denial of service vulnerability of Date parsing methods * ruby: Cookie prefix spoofing in CGI::Cookie.parse ... oval:org.secpod.oval:def:1505896 ruby [2.5.9-110] - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9. - Fix by adding length limit option for methods that parses date strings. Resolves: CVE-2021-41817 - CGI::Cookie.parse no longer decodes cookie names to prevent spoofing s ... oval:org.secpod.oval:def:605784 Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in information disclosure or denial of service. oval:org.secpod.oval:def:88335 Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in information disclosure or denial of service. oval:org.secpod.oval:def:2107121 Oracle Solaris 11 - ( CVE-2021-41817 ) oval:org.secpod.oval:def:77539 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:4501116 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * ruby: Regular expression denial of service vulnerability of Date parsing methods * ruby: Cookie prefix spoofing in CGI::Cookie.parse ... oval:org.secpod.oval:def:1701677 A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this vulnerability is system ... oval:org.secpod.oval:def:1701670 CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby. A flaw was found in ruby, where the date object ... oval:org.secpod.oval:def:3300710 SUSE Security Update: Security update for ruby2.5 oval:org.secpod.oval:def:89047353 This update for ruby2.5 fixes the following issues: - CVE-2021-41819: Fixed cookie prefix spoofing in CGI::Cookie.parse . oval:org.secpod.oval:def:1702164 A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. A remote attacker could exploit this flaw to make a Ruby scrip ... oval:org.secpod.oval:def:78161 Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service. oval:org.secpod.oval:def:506796 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby26-ruby . Security Fix: * rubygem-bundler: Dependencies of gems with e ... oval:org.secpod.oval:def:506699 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source * rubygem-rdoc: Command injectio ... oval:org.secpod.oval:def:4501152 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source * rubygem-rdoc: Command injectio ... oval:org.secpod.oval:def:605778 Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service. oval:org.secpod.oval:def:2500613 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:1505543 ruby [2.6.9-108] - Upgrade to Ruby 2.6.9. - Skip JIT tests in RHEL 8. - Fix the issues required to start the "make test-bundler" itself. - Fix Bundler dependency confusion. Resolves: CVE-2020-36327 oval:org.secpod.oval:def:4501061 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:507144 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:4501026 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:1506003 ruby [3.0.4-141] - Upgrade to Ruby 3.0.4. Resolves: rhbz#2109431 Resolves: rhbz#2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 oval:org.secpod.oval:def:1506005 ruby [2.7.6-138] - Upgrade to Ruby 2.7.6. Resolves: rhbz#2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz#2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz#2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Method ... oval:org.secpod.oval:def:2500797 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:507195 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby27-ruby . Security Fix: * ruby: buffer overflow in CGI.escape_html * ... oval:org.secpod.oval:def:507194 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby30-ruby . Security Fix: * ruby: buffer overflow in CGI.escape_html * ... oval:org.secpod.oval:def:507150 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:122125 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:122129 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:2501018 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. |