[USN-5235-1] Ruby vulnerabilities
Severity
Medium
Affected Packages
21
CVEs
3
Several security issues were fixed in Ruby.
It was discovered that Ruby incorrectly handled certain HTML files.
An attacker could possibly use this issue to cause a crash. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10.
(CVE-2021-41816)
It was discovered that Ruby incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause a regular expression
denial of service. (CVE-2021-41817)
It was discovered that Ruby incorrectly handled certain cookie names.
An attacker could possibly use this issue to access or expose
sensitive information. (CVE-2021-41819)
- ID
- USN-5235-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-5235-1
- Published
-
2022-01-18T17:13:18
(2 years ago) - Modified
-
2022-01-18T17:13:18
(2 years ago) - Other Advisories
-
-
ALAS2-2023-2345
-
ALAS2-2024-2486
-
ALPINE:CVE-2021-41816
-
ALPINE:CVE-2021-41817
-
ALPINE:CVE-2021-41819
-
ALSA-2022:0543
-
ALSA-2022:5779
-
ALSA-2022:6447
-
ALSA-2022:6450
-
DSA-5066-1
-
DSA-5067-1
-
ELSA-2022-0543
-
ELSA-2022-5779
-
ELSA-2022-6447
-
ELSA-2022-6450
-
FEDORA-2022-82a9edac27
-
FEDORA-2022-8cf0124add
-
FREEBSD:2C6AF5C3-4D36-11EC-A539-0800270512F4
-
FREEBSD:4548EC97-4D38-11EC-A539-0800270512F4
-
FREEBSD:6916EA94-4628-11EC-BBE2-0800270512F4
-
GLSA-202401-27
-
MS:CVE-2021-41817
-
MS:CVE-2021-41819
-
RHSA-2022:0543
-
RHSA-2022:5779
-
RHSA-2022:6447
-
RHSA-2022:6450
-
RLSA-2022:0543
-
RLSA-2022:5779
-
RLSA-2022:6447
-
RLSA-2022:6450
-
RUBYSEC:CGI-2021-41816
-
RUBYSEC:CGI-2021-41819
-
RUBYSEC:DATE-2021-41817
-
SUSE-SU-2022:1512-1
-
SUSE-SU-2022:3292-1
-
SUSE-SU-2023:4176-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/ruby2.7?distro=impish | ubuntu |
 ruby2.7
|
< 2.7.4-1ubuntu3.1 | impish | ||
| Affected | pkg:deb/ubuntu/ruby2.7?distro=hirsute | ubuntu |
ruby2.7
|
< 2.7.2-4ubuntu1.3 | hirsute | ||
| Affected | pkg:deb/ubuntu/ruby2.7?distro=focal | ubuntu |
ruby2.7
|
< 2.7.0-5ubuntu1.6 | focal | ||
| Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=impish | ubuntu |
ruby2.7-doc
|
< 2.7.4-1ubuntu3.1 | impish | ||
| Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=hirsute | ubuntu |
ruby2.7-doc
|
< 2.7.2-4ubuntu1.3 | hirsute | ||
| Affected | pkg:deb/ubuntu/ruby2.7-doc?distro=focal | ubuntu |
ruby2.7-doc
|
< 2.7.0-5ubuntu1.6 | focal | ||
| Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=impish | ubuntu |
ruby2.7-dev
|
< 2.7.4-1ubuntu3.1 | impish | ||
| Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=hirsute | ubuntu |
ruby2.7-dev
|
< 2.7.2-4ubuntu1.3 | hirsute | ||
| Affected | pkg:deb/ubuntu/ruby2.7-dev?distro=focal | ubuntu |
ruby2.7-dev
|
< 2.7.0-5ubuntu1.6 | focal | ||
| Affected | pkg:deb/ubuntu/ruby2.5?distro=bionic | ubuntu |
ruby2.5
|
< 2.5.1-1ubuntu1.11 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.5-doc?distro=bionic | ubuntu |
ruby2.5-doc
|
< 2.5.1-1ubuntu1.11 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.5-dev?distro=bionic | ubuntu |
ruby2.5-dev
|
< 2.5.1-1ubuntu1.11 | bionic | ||
| Affected | pkg:deb/ubuntu/ruby2.3?distro=xenial | ubuntu |
ruby2.3
|
< 2.3.1-2~ubuntu16.04.16+esm2 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-tcltk?distro=xenial | ubuntu |
ruby2.3-tcltk
|
< 2.3.1-2~ubuntu16.04.16+esm2 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-doc?distro=xenial | ubuntu |
ruby2.3-doc
|
< 2.3.1-2~ubuntu16.04.16+esm2 | xenial | ||
| Affected | pkg:deb/ubuntu/ruby2.3-dev?distro=xenial | ubuntu |
ruby2.3-dev
|
< 2.3.1-2~ubuntu16.04.16+esm2 | xenial | ||
| Affected | pkg:deb/ubuntu/libruby2.7?distro=impish | ubuntu |
libruby2.7
|
< 2.7.4-1ubuntu3.1 | impish | ||
| Affected | pkg:deb/ubuntu/libruby2.7?distro=hirsute | ubuntu |
libruby2.7
|
< 2.7.2-4ubuntu1.3 | hirsute | ||
| Affected | pkg:deb/ubuntu/libruby2.7?distro=focal | ubuntu |
libruby2.7
|
< 2.7.0-5ubuntu1.6 | focal | ||
| Affected | pkg:deb/ubuntu/libruby2.5?distro=bionic | ubuntu |
libruby2.5
|
< 2.5.1-1ubuntu1.11 | bionic | ||
| Affected | pkg:deb/ubuntu/libruby2.3?distro=xenial | ubuntu |
libruby2.3
|
< 2.3.1-2~ubuntu16.04.16+esm2 | xenial |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |