[FEDORA-2017-6e6f4f95e6] Fedora 26: ruby
Severity
Critical
Affected Packages
1
CVEs
3
Update to Ruby 2.4.2.
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-26 | < 2.4.2.84.fc26 |
- ID
- FEDORA-2017-6e6f4f95e6
- Severity
- critical
- Severity from
- CVE-2017-0898
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e6f4f95e6
- Published
-
2017-12-26T16:32:32
(6 years ago) - Modified
-
2017-12-26T16:32:32
(6 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
-
- ALAS-2017-906
- ALAS-2017-915
- ALPINE:CVE-2017-0898
- ALPINE:CVE-2017-10784
- ALPINE:CVE-2017-14033
- DSA-4031-1
- ELSA-2018-0378
- FEDORA-2017-4166994614
- FREEBSD:95B01379-9D52-11E7-A25C-471BAFC3262F
- GLSA-201710-18
- RHSA-2018:0378
- RUBYSEC:OPENSSL-2017-14033
- RUBYSEC:WEBRICK-2017-10784
- SSA:2017-261-03
- SUSE-SU-2020:1570-1
- USN-3439-1
- USN-3528-1
- USN-3685-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1491866 | Bug #1491866 - CVE-2017-14033 ruby: Buffer underrun in OpenSSL ASN1 decode | https://bugzilla.redhat.com/show_bug.cgi?id=1491866 |
Bugzilla | 1492015 | Bug #1492015 - CVE-2017-0898 ruby: Buffer underrun vulnerability in Kernel.sprintf | https://bugzilla.redhat.com/show_bug.cgi?id=1492015 |
Bugzilla | 1492012 | Bug #1492012 - CVE-2017-10784 ruby: Escape sequence injection vulnerability in the Basic authentication of WEBrick | https://bugzilla.redhat.com/show_bug.cgi?id=1492012 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-26 | fedora | ruby | < 2.4.2.84.fc26 | fedora-26 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |