-
Red Hat Security Advisory 2024-1576-03
Ruby Files ≈ Packet Storm Apr 1, 2024 | 14:05 pmRed Hat Security Advisory 2024-1576-03 - An update for the ruby:3.1 module is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
Read more... -
Red Hat Security Advisory 2024-1431-03
Ruby Files ≈ Packet Storm Mar 20, 2024 | 14:38 pmRed Hat Security Advisory 2024-1431-03 - An update for the ruby:3.1 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
Read more... -
Debian Security Advisory 5635-1
Ruby Files ≈ Packet Storm Mar 5, 2024 | 14:41 pmDebian Linux Security Advisory 5635-1 - Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.
Read more... -
Debian Security Advisory 5616-1
Ruby Files ≈ Packet Storm Feb 6, 2024 | 15:52 pmDebian Linux Security Advisory 5616-1 - It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitized style elements, which may result in cross-site scripting.
Read more... -
Gentoo Linux Security Advisory 202401-27
Ruby Files ≈ Packet Storm Jan 24, 2024 | 15:01 pmGentoo Linux Security Advisory 202401-27 - Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. Multiple versions are affected.
Read more... -
Red Hat Security Advisory 2023-7025-01
Ruby Files ≈ Packet Storm Nov 15, 2023 | 14:04 pmRed Hat Security Advisory 2023-7025-01 - An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
Read more... -
Debian Security Advisory 5530-1
Ruby Files ≈ Packet Storm Oct 23, 2023 | 14:32 pmDebian Linux Security Advisory 5530-1 - Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection.
Read more... -
Ubuntu Security Notice USN-6219-1
Ruby Files ≈ Packet Storm Jul 17, 2023 | 13:58 pmUbuntu Security Notice 6219-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 20.04 LTS. It was[…]
Read more... -
Red Hat Security Advisory 2023-3821-01
Ruby Files ≈ Packet Storm Jun 28, 2023 | 03:08 amRed Hat Security Advisory 2023-3821-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
Read more... -
Ubuntu Security Notice USN-6181-1
Ruby Files ≈ Packet Storm Jun 21, 2023 | 15:59 pmUbuntu Security Notice 6181-1 - Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user[…]
Read more...