Download
| Alert*
oval:org.secpod.oval:def:21814
The host is installed Ruby 1.9.3 and earlier or 2.x through 2.1.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger a stack-based buffer overflow. Successful exploitation allows context-dependent attackers to ... oval:org.secpod.oval:def:203500 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML d ... oval:org.secpod.oval:def:501469 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML d ... oval:org.secpod.oval:def:601950 Multiple vulnerabilities were discovered in the interpreter for the Ruby language: CVE-2014-4975 The encodes function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service or arbitrary code execution. CVE-2 ... oval:org.secpod.oval:def:702276 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:1501360 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:52335 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:89044784 This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (bsc#1018808) - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) - CVE-2015-3900: hostname validation d ... oval:org.secpod.oval:def:1500811 Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vul ... |