[USN-3945-1] Ruby vulnerabilities
Severity: Medium
Affected Packages: 26
CVEs: 6
Several security issues were fixed in Ruby.
It was discovered that Ruby incorrectly handled certain RubyGems.
An attacker could possibly use this issue to execute arbitrary commands.
(CVE-2019-8320)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
- ID: USN-3945-1
- Severity: medium
- URL: https://ubuntu.com/security/notices/USN-3945-1
- Published: 2019-04-11T12:59:47 (5 years ago)
- Modified: 2019-04-11T12:59:47 (5 years ago)
- Other Advisories:
- ALAS-2019-1255
- ALAS2-2019-1249
- ALBA-2019:3384
- ALPINE:CVE-2019-8320
- ALPINE:CVE-2019-8321
- ALPINE:CVE-2019-8322
- ALPINE:CVE-2019-8323
- ALPINE:CVE-2019-8324
- ALPINE:CVE-2019-8325
- ALSA-2019:1972
- DSA-4433-1
- ELSA-2019-1235
- ELSA-2019-1972
- FEDORA-2019-a155364f3c
- FEDORA-2019-feac6674b7
- FREEBSD:27B12D04-4722-11E9-8B7C-B5E01141761F
- openSUSE-SU-2019:1771-1
- RHBA-2019:3384
- RHSA-2019:1235
- RHSA-2019:1972
- RLBA-2019:3384
- RLSA-2019:1972
- RUBYSEC:RUBYGEMS-UPDATE-2019-8320
- RUBYSEC:RUBYGEMS-UPDATE-2019-8321
- RUBYSEC:RUBYGEMS-UPDATE-2019-8322
- RUBYSEC:RUBYGEMS-UPDATE-2019-8323
- RUBYSEC:RUBYGEMS-UPDATE-2019-8324
- RUBYSEC:RUBYGEMS-UPDATE-2019-8325
- SUSE-SU-2019:1804-1
- SUSE-SU-2020:1570-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/ruby2.5?distro=cosmic | ubuntu | ruby2.5 | < 2.5.1-5ubuntu4.3 | cosmic | ||
Affected | pkg:deb/ubuntu/ruby2.5?distro=bionic | ubuntu | ruby2.5 | < 2.5.1-1ubuntu1.2 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.5-doc?distro=cosmic | ubuntu | ruby2.5-doc | < 2.5.1-5ubuntu4.3 | cosmic | ||
Affected | pkg:deb/ubuntu/ruby2.5-doc?distro=bionic | ubuntu | ruby2.5-doc | < 2.5.1-1ubuntu1.2 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.5-dev?distro=cosmic | ubuntu | ruby2.5-dev | < 2.5.1-5ubuntu4.3 | cosmic | ||
Affected | pkg:deb/ubuntu/ruby2.5-dev?distro=bionic | ubuntu | ruby2.5-dev | < 2.5.1-1ubuntu1.2 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.3?distro=xenial | ubuntu | ruby2.3 | < 2.3.1-2~16.04.12 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-tcltk?distro=xenial | ubuntu | ruby2.3-tcltk | < 2.3.1-2~16.04.12 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-doc?distro=xenial | ubuntu | ruby2.3-doc | < 2.3.1-2~16.04.12 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-dev?distro=xenial | ubuntu | ruby2.3-dev | < 2.3.1-2~16.04.12 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.0?distro=trusty | ubuntu | ruby2.0 | < 2.0.0.484-1ubuntu2.13 | trusty | ||
Affected | pkg:deb/ubuntu/ruby2.0-tcltk?distro=trusty | ubuntu | ruby2.0-tcltk | < 2.0.0.484-1ubuntu2.13 | trusty | ||
Affected | pkg:deb/ubuntu/ruby2.0-doc?distro=trusty | ubuntu | ruby2.0-doc | < 2.0.0.484-1ubuntu2.13 | trusty | ||
Affected | pkg:deb/ubuntu/ruby2.0-dev?distro=trusty | ubuntu | ruby2.0-dev | < 2.0.0.484-1ubuntu2.13 | trusty | ||
Affected | pkg:deb/ubuntu/ruby1.9.3?distro=trusty | ubuntu | ruby1.9.3 | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/ruby1.9.1?distro=trusty | ubuntu | ruby1.9.1 | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/ruby1.9.1-full?distro=trusty | ubuntu | ruby1.9.1-full | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/ruby1.9.1-examples?distro=trusty | ubuntu | ruby1.9.1-examples | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/ruby1.9.1-dev?distro=trusty | ubuntu | ruby1.9.1-dev | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/ri1.9.1?distro=trusty | ubuntu | ri1.9.1 | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/libtcltk-ruby1.9.1?distro=trusty | ubuntu | libtcltk-ruby1.9.1 | < 1.9.3.484-2ubuntu1.14 | trusty | ||
Affected | pkg:deb/ubuntu/libruby2.5?distro=cosmic | ubuntu | libruby2.5 | < 2.5.1-5ubuntu4.3 | cosmic | ||
Affected | pkg:deb/ubuntu/libruby2.5?distro=bionic | ubuntu | libruby2.5 | < 2.5.1-1ubuntu1.2 | bionic | ||
Affected | pkg:deb/ubuntu/libruby2.3?distro=xenial | ubuntu | libruby2.3 | < 2.3.1-2~16.04.12 | xenial | ||
Affected | pkg:deb/ubuntu/libruby2.0?distro=trusty | ubuntu | libruby2.0 | < 2.0.0.484-1ubuntu2.13 | trusty | ||
Affected | pkg:deb/ubuntu/libruby1.9.1?distro=trusty | ubuntu | libruby1.9.1 | < 1.9.3.484-2ubuntu1.14 | trusty |