Several security issues were fixed in Ruby ...
Synopsis
Critical: ruby security update
Type/Severity
Security Advisory: Critical
Topic
Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2, 6.3, and 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical securit ...
Synopsis
Critical: ruby193-ruby security update
Type/Severity
Security Advisory: Critical
Topic
Updated ruby193-ruby packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having critical security impact. A Common V ...
Synopsis
Critical: ruby193-ruby security update
Type/Severity
Security Advisory: Critical
Topic
Updated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerabil ...
Synopsis
Critical: ruby security update
Type/Severity
Security Advisory: Critical
Topic
Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring ...
Charlie Somerville discovered that Ruby incorrectly handled floating
point number conversion. If an application using Ruby accepted untrusted
input strings and converted them to floating point numbers, an attacker
able to provide such input could cause the application to crash or,
possibly, execute arbitrary code with the privileges of the applicat ...
Several vulnerabilities have been discovered in the interpreter for the
Ruby language. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2013-1821
Ben Murphy discovered that unrestricted entity expansion in REXML
can lead to a Denial of Service by consuming all host memory.
CVE-2013-4073
William (B ...
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) ...