Download
| Alert*
|
oval:org.secpod.oval:def:1500051
Updated ruby packages that fix two security issues and one bug are nowavailable for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avail ... oval:org.secpod.oval:def:501017 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... oval:org.secpod.oval:def:1600291 It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amount ... oval:org.secpod.oval:def:701054 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Details: USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Original advisory Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:202597 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... oval:org.secpod.oval:def:1300205 Multiple vulnerabilities has been discovered and corrected in ruby: The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005 . lib/rexml/text. ... oval:org.secpod.oval:def:202520 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files wit ... oval:org.secpod.oval:def:701039 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:1500089 Updated ruby packages that fix two security issues are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for each ... oval:org.secpod.oval:def:500938 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files wit ... |
