First published: Mon Feb 21 2022(Updated: )
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.<br>Security Fix(es):<br><li> rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327)</li> <li> ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845)</li> <li> ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201)</li> <li> ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255)</li> <li> rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663)</li> <li> ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933)</li> <li> ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)</li> <li> ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)</li> <li> rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799)</li> <li> ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810)</li> <li> ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)</li> <li> ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)</li> <li> ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)</li> <li> ruby: HTTP response splitting in WEBrick (CVE-2019-16254)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/ruby | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-abrt | <0.3.0-4.module+el8.1.0+3653+beb38eb0 | 0.3.0-4.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mongo | <2.8.0-1.module+el8.1.0+3653+beb38eb0 | 2.8.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2 | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-pg | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/ruby-doc | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-abrt | <0.3.0-4.module+el8.1.0+3653+beb38eb0 | 0.3.0-4.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-abrt-doc | <0.3.0-4.module+el8.1.0+3653+beb38eb0 | 0.3.0-4.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson-doc | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bundler | <1.17.2-107.module+el8.1.0+14088+04cf326e | 1.17.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-irb | <1.0.0-107.module+el8.1.0+14088+04cf326e | 1.0.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-minitest | <5.11.3-107.module+el8.1.0+14088+04cf326e | 5.11.3-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-mongo | <2.8.0-1.module+el8.1.0+3653+beb38eb0 | 2.8.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mongo-doc | <2.8.0-1.module+el8.1.0+3653+beb38eb0 | 2.8.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2-doc | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-net-telnet | <0.2.0-107.module+el8.1.0+14088+04cf326e | 0.2.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-pg-doc | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-rake | <12.3.3-107.module+el8.1.0+14088+04cf326e | 12.3.3-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-rdoc | <6.1.2.1-107.module+el8.1.0+14088+04cf326e | 6.1.2.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-test-unit | <3.2.9-107.module+el8.1.0+14088+04cf326e | 3.2.9-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-xmlrpc | <0.3.0-107.module+el8.1.0+14088+04cf326e | 0.3.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygems | <3.0.3.1-107.module+el8.1.0+14088+04cf326e | 3.0.3.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygems-devel | <3.0.3.1-107.module+el8.1.0+14088+04cf326e | 3.0.3.1-107.module+el8.1.0+14088+04cf326e |
redhat/ruby | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debugsource | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-devel | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal-debuginfo | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bson | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson-debuginfo | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson-debugsource | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-io-console | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-io-console-debuginfo | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json-debuginfo | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-mysql2 | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2-debuginfo | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2-debugsource | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-openssl | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-openssl-debuginfo | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-pg | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-pg-debuginfo | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-pg-debugsource | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-psych | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-psych-debuginfo | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/ruby | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debugsource | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-debugsource | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-devel | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-devel | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/ruby-libs-debuginfo | <2.6.9-107.module+el8.1.0+14088+04cf326e | 2.6.9-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal-debuginfo | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bigdecimal-debuginfo | <1.4.1-107.module+el8.1.0+14088+04cf326e | 1.4.1-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-bson | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson-debuginfo | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-bson-debugsource | <4.5.0-1.module+el8.1.0+3653+beb38eb0 | 4.5.0-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-io-console | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-io-console | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-io-console-debuginfo | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-io-console-debuginfo | <0.4.7-107.module+el8.1.0+14088+04cf326e | 0.4.7-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json-debuginfo | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-json-debuginfo | <2.1.0-107.module+el8.1.0+14088+04cf326e | 2.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-mysql2 | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2-debuginfo | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-mysql2-debugsource | <0.5.2-1.module+el8.1.0+3653+beb38eb0 | 0.5.2-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-openssl | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-openssl | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-openssl-debuginfo | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-openssl-debuginfo | <2.1.2-107.module+el8.1.0+14088+04cf326e | 2.1.2-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-pg | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-pg-debuginfo | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-pg-debugsource | <1.1.4-1.module+el8.1.0+3653+beb38eb0 | 1.1.4-1.module+el8.1.0+3653+beb38eb0 |
redhat/rubygem-psych | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-psych | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-psych-debuginfo | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
redhat/rubygem-psych-debuginfo | <3.1.0-107.module+el8.1.0+14088+04cf326e | 3.1.0-107.module+el8.1.0+14088+04cf326e |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.