Download
| Alert*
oval:org.secpod.oval:def:701233
ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Ruby could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:202597 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... oval:org.secpod.oval:def:202615 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... oval:org.secpod.oval:def:601086 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821 Ben Murphy discovered that unrestricted entity exp ... oval:org.secpod.oval:def:1500089 Updated ruby packages that fix two security issues are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for each ... oval:org.secpod.oval:def:1500008 Updated ruby packages that fix one security issue are now available forRed Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from t ... oval:org.secpod.oval:def:601161 Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all ... oval:org.secpod.oval:def:1600291 It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amount ... oval:org.secpod.oval:def:1600213 lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service via crafted text nodes in an XML document, aka an XML Entity Expansion attack. oval:org.secpod.oval:def:501017 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... oval:org.secpod.oval:def:1300205 Multiple vulnerabilities has been discovered and corrected in ruby: The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005 . lib/rexml/text. ... oval:org.secpod.oval:def:501018 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby"s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service b ... |