[FEDORA-2018-1fffa787e7] Fedora 26: ruby

Severity Critical

Affected Packages 1

CVEs 8

Fix: Multiple vulnerabilities in RubyGems https://www.ruby-
lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/

Package	Affected Version
pkg:rpm/fedora/ruby?distro=fedora-26	< 2.4.3.87.fc26

ID

FEDORA-2018-1fffa787e7

Severity

critical

Severity from

CVE-2018-1000076

URL

Published

2018-03-11T20:00:06
(6 years ago)

Modified

2018-03-11T20:00:06
(6 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	1547431	Bug #1547431 - CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 rubygems: various flaws [fedora-all]	https://bugzilla.redhat.com/show_bug.cgi?id=1547431
Bugzilla	1528226	Bug #1528226 - CVE-2017-17790 ruby: Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code execution [fedora-all]	https://bugzilla.redhat.com/show_bug.cgi?id=1528226

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/fedora/ruby?distro=fedora-26	fedora	ruby	< 2.4.3.87.fc26	fedora-26

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date