[FEDORA-2022-a7ca6ee0cf] Fedora 36: ruby
Severity
Critical
Affected Packages
1
CVEs
2
Upgrade to Ruby 3.1.2.
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-36 | < 3.1.2.164.fc36 |
- ID
- FEDORA-2022-a7ca6ee0cf
- Severity
- critical
- Severity from
- CVE-2022-28738
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2022-a7ca6ee0cf
- Published
-
2022-05-07T05:07:39
(2 years ago) - Modified
-
2022-05-07T05:07:39
(2 years ago) - Rights
- Copyright 2022 Red Hat, Inc.
- Other Advisories
-
- ALAS-2022-1638
- ALAS2-2022-1853
- ALPINE:CVE-2022-28738
- ALPINE:CVE-2022-28739
- ALSA-2022:6447
- ALSA-2022:6450
- ALSA-2022:6585
- ALSA-2023:7025
- ELSA-2022-5338
- ELSA-2022-6447
- ELSA-2022-6450
- ELSA-2022-6585
- ELSA-2023-12064
- ELSA-2023-7025
- FEDORA-2022-82a9edac27
- FEDORA-2022-8cf0124add
- FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4
- FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4
- GLSA-202401-27
- MS:CVE-2022-28739
- RHSA-2022:5338
- RHSA-2022:6447
- RHSA-2022:6450
- RHSA-2022:6585
- RHSA-2023:7025
- RLSA-2022:5338
- RLSA-2022:6447
- RLSA-2022:6450
- RLSA-2022:6585
- SSA:2022-103-01
- SUSE-SU-2022:1512-1
- USN-5462-1
- USN-5462-2
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2075685 | Bug #2075685 - CVE-2022-28738 Ruby: Double free in Regexp compilation | https://bugzilla.redhat.com/show_bug.cgi?id=2075685 |
Bugzilla | 2075687 | Bug #2075687 - CVE-2022-28739 Ruby: Buffer overrun in String-to-Float conversion | https://bugzilla.redhat.com/show_bug.cgi?id=2075687 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-36 | fedora | ruby | < 3.1.2.164.fc36 | fedora-36 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |