Red Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An improper authorization issue was addressed.
534d30174dfb322aaf0fafa9a7a2e1c9ad9cace1cb0ec33d283ab9e63df54fde
Red Hat Security Advisory 2019-2028-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
af7ea0f16d842acd5f9542998eec45ad2db90757e380ffb121da8f0487dca24d
Red Hat Security Advisory 2019-1972-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
243d42780d0dffc6e5200ed2c728c29512064ea83fe40f2580153d4294be20c9
Red Hat Security Advisory 2019-1948-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A name equality check issue was addressed.
38b7ef5d4ee2aaa9f014ed6de563438f3a839d16e1f95c9210323831f89f1abe
Red Hat Security Advisory 2019-1833-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. This update fixes various bugs and adds enhancements.
983ea931c7621104c1aa972f82be6812018d0337d9de311aa3b376963f662aad
Debian Linux Security Advisory 4481-1 - Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input.
aa36aad09cf68ec9fc2dbd5a8d487adeecae222cc133274c56e70352ee64c874
Red Hat Security Advisory 2019-1429-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a code execution vulnerability.
5b7f130f699a5a49f828b29131f6acba61d5b7e4ecc5061ffeb6c7667b32abd3
Red Hat Security Advisory 2019-1289-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
295e04ff44625fe2b1afd775f67a1695a4c5c80d13c93f4b05ff3c6cc820a505
Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
68b47f4ffdc07819c94fbeb47e6d696fbb807757f05ad06fdc02f508ff57c808
Red Hat Security Advisory 2019-1151-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
7b6b814596aa4be0ca9078da206b4ded22ebbda65f93064fad40ba4e4b39299f
Red Hat Security Advisory 2019-1148-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
26fdddfec5579545f5ee9d461266473699286717bb06b61f6ffe10ad638c1155
Red Hat Security Advisory 2019-1147-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
176ad29ccd859ac97edaa6ffb34b14feb1b0ff7c23cab9ba1d7903f20b06bc9f
Red Hat Security Advisory 2019-1150-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
07d489d2c615f7e15ca8a1478b8074194c9f9181351454af685b18724ae679b4
Red Hat Security Advisory 2019-1149-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
c1a51d9d3ab875233af1650dbdb71dcc1e0855a934989c6d5da9ccdfb15e9856
This Metasploit module exploits a vulnerability in Ruby on Rails. In development mode, a Rails application would use its name as the secret_key_base, and can be easily extracted by visiting an invalid resource for a path. As a result, this allows a remote user to create and deliver a signed serialized payload, load it by the application, and gain remote code execution.
c41bfe806c54e70143302c2e59ad47e1d40d583ed2206ee0b710112183f254cb
Red Hat Security Advisory 2019-0796-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include database disclosure, denial of service, and traversal vulnerabilities.
7b0abf23eaef6dbaecd5d1d1ec306c91e866820b9b88b17aa29456046bde3439
Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.
e3199047134c8bcfe7382ed803154e3f50c1ae57b7e6b37aef6f86cfedc00a6d
Ubuntu Security Notice 3945-1 - It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
07662eb98638315d7a099a07debfc7edf0f7ee599416db7060d2ec162c0b8110
Red Hat Security Advisory 2019-0600-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a deserialization vulnerability.
24506c94945d77f1e69082d8877ef9e168907f81511d95811e8962ffa7ee64a0
Red Hat Security Advisory 2019-0315-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.
dbe3bdd9fb25b0f8e7112aad117c48847fd8f9f967a4b076ee5b40dfcc7e2918
Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.
835760b3d6dfa49fe6d91c0adf7b5055c3da00d6b75ac1af0554eedc1a8d3faf
Debian Linux Security Advisory 4364-1 - It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements.
fbbb51e620d1c0eb3b989fd23a9cffa84aeaadf79ae04a75f02355665e687999
Debian Linux Security Advisory 4358-1 - The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.
40a3126031a021ed1604bc09ac2d9b39a41e33cd6fb5c6d278a6de68d833df59
Red Hat Security Advisory 2018-3816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include memory disclosure and client-side security problems.
5babb9742f0b837b18016ae6e3fd236587c37fab6420f152508b801587269e6c
Red Hat Security Advisory 2018-3738-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a name equality check.
eb0ce715cf844684ef01e1980a5cde4f3ad3c61658a96a7c429bb1f1502520db