[USN-5020-1] Ruby vulnerabilities
Severity
Medium
Affected Packages
21
CVEs
3
Several security issues were fixed in Ruby.
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-31799)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to conduct
port scans and service banner extractions. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to perform
machine-in-the-middle attackers to bypass the TLS protection.
(CVE-2021-32066)
- ID
- USN-5020-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-5020-1
- Published
-
2021-07-21T14:20:02
(3 years ago) - Modified
-
2021-07-21T14:20:02
(3 years ago) - Other Advisories
-
- ALAS-2021-1505
- ALAS-2021-1506
- ALAS2-2021-1641
- ALAS2-2024-2534
- ALAS2-2024-2570
- ALPINE:CVE-2021-31799
- ALPINE:CVE-2021-31810
- ALPINE:CVE-2021-32066
- ALSA-2021:3020
- ALSA-2022:0543
- ALSA-2022:0672
- ASA-202107-18
- ASA-202107-23
- ASA-202107-24
- DSA-5066-1
- ELSA-2021-3020
- ELSA-2022-0543
- ELSA-2022-0672
- FEDORA-2021-36cdab1f8d
- FREEBSD:57027417-AB7F-11EB-9596-080027F515EA
- FREEBSD:7ED5779C-E4C7-11EB-91D7-08002728F74C
- GLSA-202401-05
- GLSA-202401-27
- openSUSE-SU-2021:1535-1
- openSUSE-SU-2021:3838-1
- RHSA-2021:3020
- RHSA-2022:0543
- RHSA-2022:0672
- RLSA-2021:3020
- RLSA-2022:0543
- RLSA-2022:0672
- RUBYSEC:RDOC-2021-31799
- SUSE-SU-2021:3837-1
- SUSE-SU-2021:3838-1
- SUSE-SU-2022:1512-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/ruby2.7?distro=hirsute | ubuntu | ruby2.7 | < 2.7.2-4ubuntu1.2 | hirsute | ||
Affected | pkg:deb/ubuntu/ruby2.7?distro=groovy | ubuntu | ruby2.7 | < 2.7.1-3ubuntu1.4 | groovy | ||
Affected | pkg:deb/ubuntu/ruby2.7?distro=focal | ubuntu | ruby2.7 | < 2.7.0-5ubuntu1.5 | focal | ||
Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=hirsute | ubuntu | ruby2.7-doc | < 2.7.2-4ubuntu1.2 | hirsute | ||
Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=groovy | ubuntu | ruby2.7-doc | < 2.7.1-3ubuntu1.4 | groovy | ||
Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=focal | ubuntu | ruby2.7-doc | < 2.7.0-5ubuntu1.5 | focal | ||
Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=hirsute | ubuntu | ruby2.7-dev | < 2.7.2-4ubuntu1.2 | hirsute | ||
Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=groovy | ubuntu | ruby2.7-dev | < 2.7.1-3ubuntu1.4 | groovy | ||
Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=focal | ubuntu | ruby2.7-dev | < 2.7.0-5ubuntu1.5 | focal | ||
Affected | pkg:deb/ubuntu/ruby2.5?distro=bionic | ubuntu | ruby2.5 | < 2.5.1-1ubuntu1.10 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.5-doc?distro=bionic | ubuntu | ruby2.5-doc | < 2.5.1-1ubuntu1.10 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.5-dev?distro=bionic | ubuntu | ruby2.5-dev | < 2.5.1-1ubuntu1.10 | bionic | ||
Affected | pkg:deb/ubuntu/ruby2.3?distro=xenial | ubuntu | ruby2.3 | < 2.3.1-2~ubuntu16.04.16+esm1 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-tcltk?distro=xenial | ubuntu | ruby2.3-tcltk | < 2.3.1-2~ubuntu16.04.16+esm1 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-doc?distro=xenial | ubuntu | ruby2.3-doc | < 2.3.1-2~ubuntu16.04.16+esm1 | xenial | ||
Affected | pkg:deb/ubuntu/ruby2.3-dev?distro=xenial | ubuntu | ruby2.3-dev | < 2.3.1-2~ubuntu16.04.16+esm1 | xenial | ||
Affected | pkg:deb/ubuntu/libruby2.7?distro=hirsute | ubuntu | libruby2.7 | < 2.7.2-4ubuntu1.2 | hirsute | ||
Affected | pkg:deb/ubuntu/libruby2.7?distro=groovy | ubuntu | libruby2.7 | < 2.7.1-3ubuntu1.4 | groovy | ||
Affected | pkg:deb/ubuntu/libruby2.7?distro=focal | ubuntu | libruby2.7 | < 2.7.0-5ubuntu1.5 | focal | ||
Affected | pkg:deb/ubuntu/libruby2.5?distro=bionic | ubuntu | libruby2.5 | < 2.5.1-1ubuntu1.10 | bionic | ||
Affected | pkg:deb/ubuntu/libruby2.3?distro=xenial | ubuntu | libruby2.3 | < 2.3.1-2~ubuntu16.04.16+esm1 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |