[FEDORA-2024-31cac8b8ec] Fedora 39: ruby
Severity
Critical
Affected Packages
1
CVEs
5
Upgrade to Ruby 3.2.4.
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/ruby?distro=fedora-39
|
< 3.2.4.182.fc39 |
- ID
- FEDORA-2024-31cac8b8ec
- Severity
- critical
- Severity from
- CVE-2024-27280
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-31cac8b8ec
- Published
-
2024-05-04T01:33:23
(4 months ago) - Modified
-
2024-05-04T01:33:23
(4 months ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
-
ALPINE:CVE-2023-28755
-
ALPINE:CVE-2024-27280
-
ALPINE:CVE-2024-27281
-
ALPINE:CVE-2024-27282
-
ALSA-2023:3821
-
ALSA-2023:7025
-
ALSA-2024:1431
-
ALSA-2024:1576
-
ALSA-2024:3500
-
ALSA-2024:3546
-
ALSA-2024:3668
-
ALSA-2024:3670
-
ALSA-2024:3671
-
ALSA-2024:3838
-
ALSA-2024:4499
-
DSA-5677-1
-
ELSA-2023-3821
-
ELSA-2023-7025
-
ELSA-2024-1431
-
ELSA-2024-1576
-
ELSA-2024-3500
-
ELSA-2024-3546
-
ELSA-2024-3668
-
ELSA-2024-3670
-
ELSA-2024-3671
-
ELSA-2024-3838
-
ELSA-2024-4499
-
FEDORA-2023-6b924d3b75
-
FEDORA-2023-a7be7ea1aa
-
FEDORA-2023-f58d72c700
-
FEDORA-2024-14db7b21a2
-
FEDORA-2024-48bdd3abbf
-
FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D
-
FREEBSD:9B60BBA1-CF18-11ED-BD44-080027F5FEC9
-
GLSA-202401-27
-
GLSA-202406-03
-
RHSA-2023:3821
-
RHSA-2023:7025
-
RHSA-2024:1431
-
RHSA-2024:1576
-
RHSA-2024:3500
-
RHSA-2024:3546
-
RHSA-2024:3668
-
RHSA-2024:3670
-
RHSA-2024:3671
-
RHSA-2024:3838
-
RHSA-2024:4499
-
RUBYSEC:RDOC-2024-27281
-
RUBYSEC:STRINGIO-2024-27280
-
RUBYSEC:URI-2023-28755
-
RUBYSEC:URI-2023-36617
-
SSA:2023-090-01
-
SSA:2024-114-01
-
SUSE-SU-2023:4176-1
-
USN-6055-1
-
USN-6055-2
-
USN-6087-1
-
USN-6181-1
-
USN-6219-1
-
USN-6838-1
-
USN-6853-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 2270749 | Bug #2270749 - CVE-2024-27281 ruby: RCE vulnerability with .rdoc_options in RDoc |
|
| Bugzilla | 2270750 | Bug #2270750 - CVE-2024-27280 ruby: Buffer overread vulnerability in StringIO |
|
| Bugzilla | 2276810 | Bug #2276810 - CVE-2024-27282 ruby: Arbitrary memory address read vulnerability with Regex search |
|
| Bugzilla | 2218614 | Bug #2218614 - CVE-2023-36617 rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/ruby?distro=fedora-39 | fedora |
ruby
|
< 3.2.4.182.fc39 | fedora-39 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |