ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0062
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0062)
Resumen:	The remote host is missing an update for the 'jruby' package(s) announced via the MGASA-2019-0062 advisory.
Descripción:	Summary: The remote host is missing an update for the 'jruby' package(s) announced via the MGASA-2019-0062 advisory. Vulnerability Insight: Several vulnerabilities were discovered in jruby. They would allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code (CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079). Affected Software/OS: 'jruby' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1000073 Debian Security Information: DSA-4219 (Google Search) https://www.debian.org/security/2018/dsa-4219 Debian Security Information: DSA-4259 (Google Search) https://www.debian.org/security/2018/dsa-4259 http://blog.rubygems.org/2018/02/15/2.7.6-released.html https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2 https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html RedHat Security Advisories: RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3729 RedHat Security Advisories: RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3730 RedHat Security Advisories: RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2018:3731 RedHat Security Advisories: RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2019:2028 RedHat Security Advisories: RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0542 RedHat Security Advisories: RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0591 RedHat Security Advisories: RHSA-2020:0663 https://access.redhat.com/errata/RHSA-2020:0663 SuSE Security Announcement: openSUSE-SU-2019:1771 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://usn.ubuntu.com/3621-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1000074 https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d https://lists.debian.org/debian-lts-announce/2018/04/msg00017.html https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html https://usn.ubuntu.com/3621-2/ https://usn.ubuntu.com/3685-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1000075 https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83 https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2018-1000076 https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693 Common Vulnerability Exposure (CVE) ID: CVE-2018-1000077 https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964 Common Vulnerability Exposure (CVE) ID: CVE-2018-1000078 https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb Common Vulnerability Exposure (CVE) ID: CVE-2018-1000079 https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099 https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.