This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ruby-Lang First view 2007-10-01
Product Ruby Last view 2023-03-31
Version Type
Update  
Edition  
Language  
Software Edition  
Target Software  
Target Hardware  
Other  

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:* 67
cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:* 67
cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:* 64
cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:* 62
cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:* 61
cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:* 60
cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:* 60
cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:* 60
cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:* 60

Related : CVE

This CPE product has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
CVSS Date Alert Description
5.3 2023-03-31 CVE-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

7.5 2023-02-09 CVE-2023-22795

A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.

8.8 2022-11-18 CVE-2021-33621

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.

9.8 2022-09-29 CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.

7.5 2022-05-09 CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

9.8 2022-05-09 CVE-2022-28738

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.

7.5 2022-01-01 CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5 2022-01-01 CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.4 2021-08-01 CVE-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

7.5 2021-07-30 CVE-2021-28966

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.

5.8 2021-07-13 CVE-2021-31810

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).

7.5 2021-04-21 CVE-2021-28965

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.

7.5 2020-10-06 CVE-2020-25613

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.

5.3 2020-05-04 CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.

7.5 2020-04-28 CVE-2020-10663

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

7.5 2020-02-28 CVE-2020-5247

In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or `/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.

5.9 2019-11-29 CVE-2015-1855

verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (2) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.

8.1 2019-11-26 CVE-2019-16255

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.

5.3 2019-11-26 CVE-2019-16254

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.

7.5 2019-11-26 CVE-2019-16201

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network.

6.5 2019-11-26 CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

9.8 2019-11-26 CVE-2011-4121

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.

5.3 2019-11-26 CVE-2011-3624

Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.

8.1 2018-11-16 CVE-2018-16396

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

9.8 2018-11-16 CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

CWE : Common Weakness Enumeration

% id Name
13% (11) CWE-20 Improper Input Validation
8% (7) CWE-264 Permissions, Privileges, and Access Controls
8% (7) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (6) CWE-399 Resource Management Errors
7% (6) CWE-310 Cryptographic Issues
7% (6) CWE-287 Improper Authentication
7% (6) CWE-189 Numeric Errors
6% (5) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
4% (4) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
3% (3) CWE-787 Out-of-bounds Write
2% (2) CWE-134 Uncontrolled Format String
2% (2) CWE-125 Out-of-bounds Read
2% (2) CWE-113 Failure to Sanitize CRLF Sequences in HTTP Headers ('HTTP Response ...
1% (1) CWE-755 Improper Handling of Exceptional Conditions
1% (1) CWE-565 Reliance on Cookies without Validation and Integrity Checking
1% (1) CWE-476 NULL Pointer Dereference
1% (1) CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli...
1% (1) CWE-415 Double Free
1% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (1) CWE-326 Inadequate Encryption Strength
1% (1) CWE-254 Security Features
1% (1) CWE-190 Integer Overflow or Wraparound
1% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-93 Failure to Sanitize CRLF Sequences ('CRLF Injection')
1% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:10738 The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS...
oval:org.mitre.oval:def:18657 DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:18414 DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:17689 USN-596-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:11025 The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) N...
oval:org.mitre.oval:def:21946 ELSA-2007:0965: ruby security update (Moderate)
oval:org.mitre.oval:def:10937 Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 an...
oval:org.mitre.oval:def:21785 ELSA-2008:0897: ruby security update (Moderate)
oval:org.mitre.oval:def:11601 Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 an...
oval:org.mitre.oval:def:10524 Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and ear...
oval:org.mitre.oval:def:9646 The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231...
oval:org.mitre.oval:def:17484 USN-621-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:9606 Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier,...
oval:org.mitre.oval:def:9959 Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier,...
oval:org.mitre.oval:def:28980 RHSA-2008:0561 -- ruby security update (Moderate)
oval:org.mitre.oval:def:9863 Integer overflow in the rb_ary_fill function in array.c in Ruby before revisi...
oval:org.mitre.oval:def:7922 DSA-1618 ruby1.9 -- several vulnerabilities
oval:org.mitre.oval:def:7871 DSA-1612 ruby1.8 -- several vulnerabilities
oval:org.mitre.oval:def:20314 DSA-1618-1 ruby1.9 - several vulnerabilities
oval:org.mitre.oval:def:20201 DSA-1612-1 ruby1.8 - several vulnerabilities
oval:org.mitre.oval:def:21762 ELSA-2008:0561: ruby security update (Moderate)
oval:org.mitre.oval:def:11602 Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, an...
oval:org.mitre.oval:def:9682 Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_v...
oval:org.mitre.oval:def:9793 The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 thro...
oval:org.mitre.oval:def:9570 The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 thro...

Open Source Vulnerability Database (OSVDB)

id Description
78118 Ruby Hash Collision Form Parameter Parsing Remote DoS
74841 Ruby Random Seed Reset Random Number Value Prediction Weakness
74647 Ruby lib/securerandom.rb SecureRandom.random_bytes Function PRNG Initializati...
71640 Apple Mac OS X Ruby BigDecimal Class Integer Truncation Arbitrary Code Execution
70958 Ruby FileUtils.remove_entry_secure Method File Symlink Race Condition Arbitra...
70957 Ruby Exception#to_s Method Safe Level Security Bypass
66040 Ruby on Windows ARGF.inplace_mode Variable Local Overflow
61774 WEBrick HTTP Request Escape Sequence Terminal Command Injection
60880 Ruby string.c rb_str_justify() Function Overflow
55031 Ruby BigDecimal Library Float Data Type Conversion String Argument Handling DoS
52194 Ruby ext/openssl/ossl_ocsp.c OCSP_basic_verify() Function X.509 Certificate H...
47800 Ruby Regexp Engine (regex.c) Crafted Socket Request DoS
47753 Ruby REXML Library Crafted XML Document Handling DoS
47472 Ruby dl Module DL.dlopen Arbitrary Library Access
47471 WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS
47470 Ruby Safe Level Multiple Function Restriction Bypass
47469 Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
46691 Ruby rb_ary_fill() Function Overflow
46554 Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 Ruby rb_ary_splice Function REALLOC_N Overflow
46552 Ruby rb_str_format Function Unspecified Memory Corruption
46551 Ruby rb_ary_store Function Multiple Overflows
46550 Ruby rb_str_buf_append Function Multiple Overflows
44682 WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access
42616 Ruby WEBrick WEBrick::HTTPServ* :NondisclosureName Option Mixed Case Arbitrar...

OpenVAS Exploits

Date Description
2012-11-26 Name : FreeBSD Ports: ruby
File : nvt/freebsd_ruby13.nasl
2012-11-26 Name : FreeBSD Ports: ruby
File : nvt/freebsd_ruby14.nasl
2012-11-26 Name : FreeBSD Ports: ruby
File : nvt/freebsd_ruby15.nasl
2012-11-19 Name : Fedora Update for ruby FEDORA-2012-18017
File : nvt/gb_fedora_2012_18017_ruby_fc17.nasl
2012-10-31 Name : Ubuntu Update for ruby1.8 USN-1603-2
File : nvt/gb_ubuntu_USN_1603_2.nasl
2012-10-23 Name : Fedora Update for ruby FEDORA-2012-16086
File : nvt/gb_fedora_2012_16086_ruby_fc17.nasl
2012-10-23 Name : Ubuntu Update for ruby1.9.1 USN-1614-1
File : nvt/gb_ubuntu_USN_1614_1.nasl
2012-10-16 Name : Fedora Update for ruby FEDORA-2012-15395
File : nvt/gb_fedora_2012_15395_ruby_fc17.nasl
2012-10-16 Name : Fedora Update for ruby FEDORA-2012-15507
File : nvt/gb_fedora_2012_15507_ruby_fc16.nasl
2012-10-11 Name : Ubuntu Update for ruby1.9.1 USN-1602-1
File : nvt/gb_ubuntu_USN_1602_1.nasl
2012-10-11 Name : Ubuntu Update for ruby1.8 USN-1603-1
File : nvt/gb_ubuntu_USN_1603_1.nasl
2012-09-27 Name : Ubuntu Update for ruby1.9.1 USN-1583-1
File : nvt/gb_ubuntu_USN_1583_1.nasl
2012-07-30 Name : CentOS Update for irb CESA-2011:0908 centos4 x86_64
File : nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2011:0909 centos5 x86_64
File : nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2012:0069 centos6
File : nvt/gb_CESA-2012_0069_ruby_centos6.nasl
2012-07-30 Name : CentOS Update for irb CESA-2012:0070 centos4
File : nvt/gb_CESA-2012_0070_irb_centos4.nasl
2012-07-30 Name : CentOS Update for ruby CESA-2012:0070 centos5
File : nvt/gb_CESA-2012_0070_ruby_centos5.nasl
2012-07-09 Name : RedHat Update for ruby RHSA-2011:1581-03
File : nvt/gb_RHSA-2011_1581-03_ruby.nasl
2012-07-09 Name : RedHat Update for ruby RHSA-2012:0069-01
File : nvt/gb_RHSA-2012_0069-01_ruby.nasl
2012-06-06 Name : RedHat Update for ruby RHSA-2011:0910-01
File : nvt/gb_RHSA-2011_0910-01_ruby.nasl
2012-05-18 Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-04-02 Name : Fedora Update for ruby FEDORA-2011-17542
File : nvt/gb_fedora_2011_17542_ruby_fc16.nasl
2012-03-07 Name : Mandriva Update for ruby MDVSA-2012:024 (ruby)
File : nvt/gb_mandriva_MDVSA_2012_024.nasl
2012-03-07 Name : Ubuntu Update for ruby1.8 USN-1377-1
File : nvt/gb_ubuntu_USN_1377_1.nasl
2012-02-12 Name : FreeBSD Ports: jruby
File : nvt/freebsd_jruby.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547

Snort® IPS/IDS

Date Description
2018-06-26 Ruby Net FTP library command injection attempt
RuleID : 46791 - Type : SERVER-WEBAPP - Revision : 2
2014-03-15 XML exponential entity expansion attack attempt
RuleID : 29800 - Type : FILE-OTHER - Revision : 4
2014-01-10 XML exponential entity expansion attack attempt
RuleID : 27096 - Type : FILE-OTHER - Revision : 5

Nessus® Vulnerability Scanner

Date Description
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-6070bcf454.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-dd8162c004.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3738.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1113.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Fedora host is missing a security update.
File: fedora_2018-190ecd2ef8.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1374.nasl - Type: ACT_GATHER_INFO
2018-11-05 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4332.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-005.nasl - Type: ACT_GATHER_INFO
2018-10-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1558.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1347.nasl - Type: ACT_GATHER_INFO
2018-10-22 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_afc604840652440eb01a5ef814747f06.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1248.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1275.nasl - Type: ACT_GATHER_INFO
2018-08-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1480.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0002.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0024.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0034.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0037.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0098-a.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0100.nasl - Type: ACT_GATHER_INFO
2018-08-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4259.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0011-a.nasl - Type: ACT_GATHER_INFO