[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:113615
RubyGems is the Ruby standard for publishing and managing third party libraries.

oval:org.secpod.oval:def:1900320
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.

oval:org.secpod.oval:def:52098
ruby2.3: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:113132
RubyGems is the Ruby standard for publishing and managing third party libraries.

oval:org.secpod.oval:def:704230
ruby2.3: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:52071
ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:113158
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible.

oval:org.secpod.oval:def:505102
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby , rh-ruby23-rubygems , rh-ruby23-rubygem-json , rh-ruby23-rubyg ...

oval:org.secpod.oval:def:704180
ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:1502140
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:502236
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ...

oval:org.secpod.oval:def:1600779
SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTPA SMTP command injection flaw was found in the way Ruby#039;s Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands in a SMTP session ...

oval:org.secpod.oval:def:505030
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby . Security Fix: * A buffer underflow was found in ruby"s sprin ...

oval:org.secpod.oval:def:1600799
Arbitrary heap exposure during a JSON.generate callRuby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a #039;\\0#039; byte, ...

oval:org.secpod.oval:def:504842
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby , rh-ruby22-rubygems , rh-ruby22-rubygem-psych , rh-ruby22-ruby ...

oval:org.secpod.oval:def:204761
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ...

oval:org.secpod.oval:def:53129
Multiple vulnerabilities were discovered in the interpreter for the Ruby language: CVE-2015-9096 SMTP command injection in Net::SMTP. CVE-2016-7798 Incorrect handling of initialization vector in the GCM mode in the OpenSSL extension. CVE-2017-0900 Denial of service in the RubyGems client. CVE-2017-0 ...

oval:org.secpod.oval:def:603090
Multiple vulnerabilities were discovered in the interpreter for the Ruby language: CVE-2015-9096 SMTP command injection in Net::SMTP. CVE-2016-7798 Incorrect handling of initialization vector in the GCM mode in the OpenSSL extension. CVE-2017-0900 Denial of service in the RubyGems client. CVE-2017-0 ...

oval:org.secpod.oval:def:89002928
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command . - CVE-2016-7798: Fixed an IV Reuse in GCM Mode . - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ...

CPE    8
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:8.0
cpe:/a:rubygems:rubygems
cpe:/o:redhat:enterprise_linux_server:7.0
...
CWE    1
CWE-346
*CVE
CVE-2017-0902

© SecPod Technologies