Red Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An improper authorization issue was addressed.
534d30174dfb322aaf0fafa9a7a2e1c9ad9cace1cb0ec33d283ab9e63df54fdeRed Hat Security Advisory 2019-2028-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
af7ea0f16d842acd5f9542998eec45ad2db90757e380ffb121da8f0487dca24dRed Hat Security Advisory 2019-1972-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
243d42780d0dffc6e5200ed2c728c29512064ea83fe40f2580153d4294be20c9Red Hat Security Advisory 2019-1948-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A name equality check issue was addressed.
38b7ef5d4ee2aaa9f014ed6de563438f3a839d16e1f95c9210323831f89f1abeRed Hat Security Advisory 2019-1833-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. This update fixes various bugs and adds enhancements.
983ea931c7621104c1aa972f82be6812018d0337d9de311aa3b376963f662aadDebian Linux Security Advisory 4481-1 - Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input.
aa36aad09cf68ec9fc2dbd5a8d487adeecae222cc133274c56e70352ee64c874Red Hat Security Advisory 2019-1429-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a code execution vulnerability.
5b7f130f699a5a49f828b29131f6acba61d5b7e4ecc5061ffeb6c7667b32abd3Red Hat Security Advisory 2019-1289-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
295e04ff44625fe2b1afd775f67a1695a4c5c80d13c93f4b05ff3c6cc820a505Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
68b47f4ffdc07819c94fbeb47e6d696fbb807757f05ad06fdc02f508ff57c808Red Hat Security Advisory 2019-1151-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
7b6b814596aa4be0ca9078da206b4ded22ebbda65f93064fad40ba4e4b39299fRed Hat Security Advisory 2019-1148-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
26fdddfec5579545f5ee9d461266473699286717bb06b61f6ffe10ad638c1155Red Hat Security Advisory 2019-1147-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
176ad29ccd859ac97edaa6ffb34b14feb1b0ff7c23cab9ba1d7903f20b06bc9fRed Hat Security Advisory 2019-1150-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
07d489d2c615f7e15ca8a1478b8074194c9f9181351454af685b18724ae679b4Red Hat Security Advisory 2019-1149-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
c1a51d9d3ab875233af1650dbdb71dcc1e0855a934989c6d5da9ccdfb15e9856This Metasploit module exploits a vulnerability in Ruby on Rails. In development mode, a Rails application would use its name as the secret_key_base, and can be easily extracted by visiting an invalid resource for a path. As a result, this allows a remote user to create and deliver a signed serialized payload, load it by the application, and gain remote code execution.
c41bfe806c54e70143302c2e59ad47e1d40d583ed2206ee0b710112183f254cbRed Hat Security Advisory 2019-0796-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include database disclosure, denial of service, and traversal vulnerabilities.
7b0abf23eaef6dbaecd5d1d1ec306c91e866820b9b88b17aa29456046bde3439Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.
e3199047134c8bcfe7382ed803154e3f50c1ae57b7e6b37aef6f86cfedc00a6dUbuntu Security Notice 3945-1 - It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
07662eb98638315d7a099a07debfc7edf0f7ee599416db7060d2ec162c0b8110Red Hat Security Advisory 2019-0600-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a deserialization vulnerability.
24506c94945d77f1e69082d8877ef9e168907f81511d95811e8962ffa7ee64a0Red Hat Security Advisory 2019-0315-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.
dbe3bdd9fb25b0f8e7112aad117c48847fd8f9f967a4b076ee5b40dfcc7e2918Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.
835760b3d6dfa49fe6d91c0adf7b5055c3da00d6b75ac1af0554eedc1a8d3fafDebian Linux Security Advisory 4364-1 - It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements.
fbbb51e620d1c0eb3b989fd23a9cffa84aeaadf79ae04a75f02355665e687999Debian Linux Security Advisory 4358-1 - The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.
40a3126031a021ed1604bc09ac2d9b39a41e33cd6fb5c6d278a6de68d833df59Red Hat Security Advisory 2018-3816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include memory disclosure and client-side security problems.
5babb9742f0b837b18016ae6e3fd236587c37fab6420f152508b801587269e6cRed Hat Security Advisory 2018-3738-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a name equality check.
eb0ce715cf844684ef01e1980a5cde4f3ad3c61658a96a7c429bb1f1502520db
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed