Detections
Analytics

TencentOS Server 3: ruby:3.0 (TSSA-2024:0234)

high Nessus Plugin ID 239106

Synopsis

The remote TencentOS Server 3 host is missing one or more security updates.

Description

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0234 advisory.

 Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:

 CVE-2021-33621:
 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.

 CVE-2023-28755:
 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.

 CVE-2023-28756:
 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

 CVE-2024-27280:
 A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value.

 CVE-2024-27281:
 A flaw was found in Rubygem RDoc. When parsing .rdoc_options used for configuration in RDoc as a YAML file there are no restrictions on the classes that can be restored. This issue may lead to object injection, resulting in remote code execution.

 CVE-2024-27282:
 A flaw was found in Ruby. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://mirrors.tencent.com/tlinux/errata/tssa-20240234.xml

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33621

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28756

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27280

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27281

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27282

Plugin Details

Severity: High

ID: 239106

File Name: tencentos_TSSA_2024_0234.nasl

Version: 1.1

Type: local

Published: 6/16/2025

Updated: 6/16/2025

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:tencent:tencentos_server:ruby, cpe:/o:tencent:tencentos_server:3, p-cpe:/a:tencent:tencentos_server:rubygem-pg, p-cpe:/a:tencent:tencentos_server:rubygem-mysql2, p-cpe:/a:tencent:tencentos_server:rubygem-abrt

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/etc/os-release, Host/TencentOS/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/30/2024

Vulnerability Publication Date: 5/30/2024