Download
| Alert*
oval:org.secpod.oval:def:1800936
ruby is installed oval:org.secpod.oval:def:1801413 CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: In ... oval:org.secpod.oval:def:1801421 CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: In ... oval:org.secpod.oval:def:1801425 CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: In ... oval:org.secpod.oval:def:1801427 CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: In ... oval:org.secpod.oval:def:1800935 An integer overflow vulnerability in nginx range filter module in ngx_ function was found, potentially resulting in memory disclosure when used with 3rd party modules. Issue can be triggered by specially crafted http range request resulting into leaking the content of the cache file header. Affected ... oval:org.mitre.oval:def:11940 Ruby is installed oval:org.secpod.oval:def:1800958 Ruby has multiple vulnerabilities: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-877 ... oval:org.secpod.oval:def:1800960 Ruby has multiple vulnerabilities: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-877 ... oval:org.secpod.oval:def:1800961 Ruby has multiple vulnerabilities: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-877 ... oval:org.secpod.oval:def:604918 Several vulnerabilities have been discovered in the interpreter for the Ruby language. CVE-2020-10663 Jeremy Evans reported an unsafe object creation vulnerability in the json gem bundled with Ruby. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in t ... oval:org.secpod.oval:def:60426 The host is installed with Ruby 2.3 or earlier, 2.4.x through 2.4.7, 2.5.x through 2.5.6 or 2.6.x through 2.6.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle regular expression. Successful exploitation causes an effective deni ... oval:org.secpod.oval:def:69796 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which could result in unauthorized access by bypassing intended path matchings, denial of service, or the execution of arbitrary code. oval:org.secpod.oval:def:60438 The host is installed with Ruby 2.3 or earlier, 2.4.x through 2.4.7, 2.5.x through 2.5.6 or 2.6.x through 2.6.4 and is prone to an HTTP response splitting vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. An attacker can exploit it to insert a newli ... oval:org.secpod.oval:def:60439 The host is installed with Ruby 2.3 or earlier, 2.4.x through 2.4.7, 2.5.x through 2.5.6 or 2.6.x through 2.6.4 and is prone to a code injection vulnerability. A flaw is present in the application, which fails to handle unknown vectors. An attacker can exploit this to call an arbitrary Ruby method. oval:org.secpod.oval:def:60437 The host is installed with Ruby 2.3 or earlier, 2.4.x through 2.4.7, 2.5.x through 2.5.6 or 2.6.x through 2.6.4 and is prone to a NUL injection vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. An attacker who has the control of the path pattern par ... |