[USN-3808-1] Ruby vulnerabilities
Severity
Medium
Affected Packages
22
CVEs
2
Several security issues were fixed in Ruby.
It was discovered that Ruby incorrectly handled certain X.509
certificates. An attacker could possibly use this issue to
bypass the certificate check. (CVE-2018-16395)
It was discovered that Ruby incorrectly handled certain
inputs. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2018-16396)
- ID
- USN-3808-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3808-1
- Published
-
2018-11-05T19:26:30
(5 years ago) - Modified
-
2018-11-05T19:26:30
(5 years ago) - Other Advisories
-
-
ALAS-2018-1113
-
ALAS-2020-1416
-
ALAS2-2019-1143
-
ALAS2-2019-1276
-
ALPINE:CVE-2018-16395
-
ALPINE:CVE-2018-16396
-
DSA-4332-1
-
ELSA-2018-3738
-
ELSA-2019-2028
-
FEDORA-2018-190ecd2ef8
-
FEDORA-2018-319b9d0f68
-
FEDORA-2018-6070bcf454
-
FREEBSD:AFC60484-0652-440E-B01A-5EF814747F06
-
MS:CVE-2018-16395
-
openSUSE-SU-2019:1771-1
-
RHSA-2018:3738
-
RHSA-2019:2028
-
RUBYSEC:OPENSSL-2018-16395
-
SUSE-SU-2019:1804-1
-
SUSE-SU-2020:1570-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/ruby2.5?distro=bionic | ubuntu |
 ruby2.5
|
< 2.5.1-1ubuntu1.1 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.5-doc?distro=bionic | ubuntu |
ruby2.5-doc
|
< 2.5.1-1ubuntu1.1 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.5-dev?distro=bionic | ubuntu |
ruby2.5-dev
|
< 2.5.1-1ubuntu1.1 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.3?distro=xenial | ubuntu |
ruby2.3
|
< 2.3.1-2~16.04.11 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-tcltk?distro=xenial | ubuntu |
ruby2.3-tcltk
|
< 2.3.1-2~16.04.11 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-doc?distro=xenial | ubuntu |
ruby2.3-doc
|
< 2.3.1-2~16.04.11 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-dev?distro=xenial | ubuntu |
ruby2.3-dev
|
< 2.3.1-2~16.04.11 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.0?distro=trusty | ubuntu |
ruby2.0
|
< 2.0.0.484-1ubuntu2.11 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby2.0-tcltk?distro=trusty | ubuntu |
ruby2.0-tcltk
|
< 2.0.0.484-1ubuntu2.11 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby2.0-doc?distro=trusty | ubuntu |
ruby2.0-doc
|
< 2.0.0.484-1ubuntu2.11 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby2.0-dev?distro=trusty | ubuntu |
ruby2.0-dev
|
< 2.0.0.484-1ubuntu2.11 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby1.9.3?distro=trusty | ubuntu |
ruby1.9.3
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby1.9.1?distro=trusty | ubuntu |
ruby1.9.1
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby1.9.1-full?distro=trusty | ubuntu |
ruby1.9.1-full
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby1.9.1-examples?distro=trusty | ubuntu |
ruby1.9.1-examples
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/ruby1.9.1-dev?distro=trusty | ubuntu |
ruby1.9.1-dev
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/ri1.9.1?distro=trusty | ubuntu |
ri1.9.1
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/libtcltk-ruby1.9.1?distro=trusty | ubuntu |
libtcltk-ruby1.9.1
|
< 1.9.3.484-2ubuntu1.13 | trusty | ||
| Affected | pkg:deb/ubuntu/libruby2.5?distro=bionic | ubuntu |
libruby2.5
|
< 2.5.1-1ubuntu1.1 | bionic | ||
| Affected | pkg:deb/ubuntu/libruby2.3?distro=xenial | ubuntu |
libruby2.3
|
< 2.3.1-2~16.04.11 | xenial | ||
| Affected | pkg:deb/ubuntu/libruby2.0?distro=trusty | ubuntu |
libruby2.0
|
< 2.0.0.484-1ubuntu2.11 | trusty | ||
| Affected | pkg:deb/ubuntu/libruby1.9.1?distro=trusty | ubuntu |
libruby1.9.1
|
< 1.9.3.484-2ubuntu1.13 | trusty |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |