Download
| Alert*
|
oval:org.secpod.oval:def:114113
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:114074 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:1700020 Path traversal when writing to a symlinked basedir outside of the rootRubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerab ... oval:org.secpod.oval:def:1600867 Path traversal when writing to a symlinked basedir outside of the rootRubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerab ... oval:org.secpod.oval:def:53383 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure. This update also fixes several issues in RubyGems which could all ... oval:org.secpod.oval:def:52084 ruby2.3: Interpreter of object-oriented scripting language Ruby - ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:505102 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby , rh-ruby23-rubygems , rh-ruby23-rubygem-json , rh-ruby23-rubyg ... oval:org.secpod.oval:def:504842 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby , rh-ruby22-rubygems , rh-ruby22-rubygem-psych , rh-ruby22-ruby ... oval:org.secpod.oval:def:1502140 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502236 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ... oval:org.secpod.oval:def:204761 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attack ... oval:org.secpod.oval:def:505105 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby . Security Fix: * ruby: Command injection vulnerability in Net ... oval:org.secpod.oval:def:704205 ruby2.3: Interpreter of object-oriented scripting language Ruby - ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:603472 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure. This update also fixes several issues in RubyGems which could all ... oval:org.secpod.oval:def:89002928 This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command . - CVE-2016-7798: Fixed an IV Reuse in GCM Mode . - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ... oval:org.secpod.oval:def:2103534 Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default val ... oval:org.secpod.oval:def:2103546 The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as ... |
