[FEDORA-2022-82a9edac27] Fedora 34: ruby
Severity
Critical
Affected Packages
1
CVEs
5
- Rebuilt.
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-34 | < 3.0.4.153.fc34 |
- ID
- FEDORA-2022-82a9edac27
- Severity
- critical
- Severity from
- CVE-2021-41816
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2022-82a9edac27
- Published
-
2022-05-08T02:03:44
(2 years ago) - Modified
-
2022-05-08T02:03:44
(2 years ago) - Rights
- Copyright 2022 Red Hat, Inc.
- Other Advisories
-
- ALAS-2022-1638
- ALAS2-2022-1853
- ALAS2-2023-2345
- ALAS2-2024-2486
- ALPINE:CVE-2021-41816
- ALPINE:CVE-2021-41817
- ALPINE:CVE-2021-41819
- ALPINE:CVE-2022-28738
- ALPINE:CVE-2022-28739
- ALSA-2022:0543
- ALSA-2022:5779
- ALSA-2022:6447
- ALSA-2022:6450
- ALSA-2022:6585
- ALSA-2023:7025
- DSA-5066-1
- DSA-5067-1
- ELSA-2022-0543
- ELSA-2022-5338
- ELSA-2022-5779
- ELSA-2022-6447
- ELSA-2022-6450
- ELSA-2022-6585
- ELSA-2023-12064
- ELSA-2023-7025
- FEDORA-2022-8cf0124add
- FEDORA-2022-a7ca6ee0cf
- FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4
- FREEBSD:2C6AF5C3-4D36-11EC-A539-0800270512F4
- FREEBSD:4548EC97-4D38-11EC-A539-0800270512F4
- FREEBSD:6916EA94-4628-11EC-BBE2-0800270512F4
- FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4
- GLSA-202401-27
- MS:CVE-2021-41817
- MS:CVE-2021-41819
- MS:CVE-2022-28739
- RHSA-2022:0543
- RHSA-2022:5338
- RHSA-2022:5779
- RHSA-2022:6447
- RHSA-2022:6450
- RHSA-2022:6585
- RHSA-2023:7025
- RLSA-2022:0543
- RLSA-2022:5338
- RLSA-2022:5779
- RLSA-2022:6447
- RLSA-2022:6450
- RLSA-2022:6585
- RUBYSEC:CGI-2021-41816
- RUBYSEC:CGI-2021-41819
- RUBYSEC:DATE-2021-41817
- SSA:2022-103-01
- SUSE-SU-2022:1512-1
- SUSE-SU-2022:3292-1
- SUSE-SU-2023:4176-1
- USN-5235-1
- USN-5462-1
- USN-5462-2
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2025104 | Bug #2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods | https://bugzilla.redhat.com/show_bug.cgi?id=2025104 |
Bugzilla | 2075685 | Bug #2075685 - CVE-2022-28738 Ruby: Double free in Regexp compilation | https://bugzilla.redhat.com/show_bug.cgi?id=2075685 |
Bugzilla | 2026757 | Bug #2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse | https://bugzilla.redhat.com/show_bug.cgi?id=2026757 |
Bugzilla | 2075687 | Bug #2075687 - CVE-2022-28739 Ruby: Buffer overrun in String-to-Float conversion | https://bugzilla.redhat.com/show_bug.cgi?id=2075687 |
Bugzilla | 2026752 | Bug #2026752 - CVE-2021-41816 ruby: buffer overflow in CGI.escape_html | https://bugzilla.redhat.com/show_bug.cgi?id=2026752 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-34 | fedora | ruby | < 3.0.4.153.fc34 | fedora-34 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |