[FEDORA-2024-14db7b21a2] Fedora 40: ruby
Severity
Critical
Affected Packages
1
CVEs
3
Upgrade to Ruby 3.3.1.
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-40 | < 3.3.1.7.fc40 |
- ID
- FEDORA-2024-14db7b21a2
- Severity
- critical
- Severity from
- CVE-2024-27280
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-14db7b21a2
- Published
-
2024-05-03T01:46:00
(4 months ago) - Modified
-
2024-05-03T01:46:00
(4 months ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
- ALPINE:CVE-2024-27280
- ALPINE:CVE-2024-27281
- ALPINE:CVE-2024-27282
- ALSA-2024:3500
- ALSA-2024:3546
- ALSA-2024:3668
- ALSA-2024:3670
- ALSA-2024:3671
- ALSA-2024:3838
- ALSA-2024:4499
- DSA-5677-1
- ELSA-2024-3500
- ELSA-2024-3546
- ELSA-2024-3668
- ELSA-2024-3670
- ELSA-2024-3671
- ELSA-2024-3838
- ELSA-2024-4499
- FEDORA-2024-31cac8b8ec
- FEDORA-2024-48bdd3abbf
- FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D
- GLSA-202406-03
- RHSA-2024:3500
- RHSA-2024:3546
- RHSA-2024:3668
- RHSA-2024:3670
- RHSA-2024:3671
- RHSA-2024:3838
- RHSA-2024:4499
- RUBYSEC:RDOC-2024-27281
- RUBYSEC:STRINGIO-2024-27280
- SSA:2024-114-01
- USN-6838-1
- USN-6853-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2276810 | Bug #2276810 - CVE-2024-27282 ruby: Arbitrary memory address read vulnerability with Regex search | https://bugzilla.redhat.com/show_bug.cgi?id=2276810 |
Bugzilla | 2270749 | Bug #2270749 - CVE-2024-27281 ruby: RCE vulnerability with .rdoc_options in RDoc | https://bugzilla.redhat.com/show_bug.cgi?id=2270749 |
Bugzilla | 2270750 | Bug #2270750 - CVE-2024-27280 ruby: Buffer overread vulnerability in StringIO | https://bugzilla.redhat.com/show_bug.cgi?id=2270750 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-40 | fedora | ruby | < 3.3.1.7.fc40 | fedora-40 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |