[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:53180
Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-0898 aerodudrizzt reported a buffer underrun vulnerability in the sprintf method of the Kernel module resulting in heap ...

oval:org.secpod.oval:def:52071
ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:113532
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible.

oval:org.secpod.oval:def:505102
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby , rh-ruby23-rubygems , rh-ruby23-rubygem-json , rh-ruby23-rubyg ...

oval:org.secpod.oval:def:704180
ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:1502140
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:502236
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ...

oval:org.secpod.oval:def:703838
ruby1.9.1: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:52888
ruby1.9.1: Object-oriented scripting language Several security issues were fixed in Ruby.

oval:org.secpod.oval:def:603168
Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-0898 aerodudrizzt reported a buffer underrun vulnerability in the sprintf method of the Kernel module resulting in heap ...

oval:org.secpod.oval:def:1600779
SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTPA SMTP command injection flaw was found in the way Ruby#039;s Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands in a SMTP session ...

oval:org.secpod.oval:def:505030
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby . Security Fix: * A buffer underflow was found in ruby"s sprin ...

oval:org.secpod.oval:def:1600799
Arbitrary heap exposure during a JSON.generate callRuby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a #039;\\0#039; byte, ...

oval:org.secpod.oval:def:504842
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby , rh-ruby22-rubygems , rh-ruby22-rubygem-psych , rh-ruby22-ruby ...

oval:org.secpod.oval:def:204761
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ...

oval:org.secpod.oval:def:48668
The host is installed with Apple Mac OS X 10.12.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues related to ruby. Successful exploitation may allow attackers to cause unexpected application termination or arbitrary code ...

oval:org.secpod.oval:def:113817
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible.

oval:org.secpod.oval:def:48684
The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ...

oval:org.secpod.oval:def:2103534
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default val ...

oval:org.secpod.oval:def:2103546
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as ...

oval:org.secpod.oval:def:89002928
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command . - CVE-2016-7798: Fixed an IV Reuse in GCM Mode . - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ...

CPE    1
cpe:/a:ruby-lang:ruby:2.2.0
CWE    1
CWE-134
*CVE
CVE-2017-0898

© SecPod Technologies