First published: Tue Mar 28 2023

Grafana is an open source, feature-rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle.

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

- puma-5.6.4: http request smuggling vulnerabilities (CVE-2022-24790)
- rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)
- moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
- rubygem-tzinfo: arbitrary code execution (CVE-2022-31163)
- rubygem-rack: crafted multipart POST request may cause a DoS (CVE-2022-30122)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/grafana | <5.2.4-6.el7 | 5.2.4-6.el7 |
redhat/python-django | <1.11.27-4.el7 | 1.11.27-4.el7 |
redhat/ruby | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/rubygem-activemodel | <5.2.0-1.el7 | 5.2.0-1.el7 |
redhat/rubygem-activesupport | <5.2.0-1.el7 | 5.2.0-1.el7 |
redhat/rubygem-bcrypt | <3.1.12-2.el7 | 3.1.12-2.el7 |
redhat/rubygem-concurrent-ruby | <1.1.9-1.el7 | 1.1.9-1.el7 |
redhat/rubygem-i18n | <1.9.1-1.el7 | 1.9.1-1.el7 |
redhat/rubygem-mustermann | <1.0.3-1.el7 | 1.0.3-1.el7 |
redhat/rubygem-nio4r | <2.3.1-2.el7 | 2.3.1-2.el7 |
redhat/rubygem-puma | <4.3.12-1.el7 | 4.3.12-1.el7 |
redhat/rubygem-rack | <2.2.4-1.el7 | 2.2.4-1.el7 |
redhat/rubygem-rack-protection | <2.2.0-1.el7 | 2.2.0-1.el7 |
redhat/rubygem-sinatra | <2.2.0-1.el7 | 2.2.0-1.el7 |
redhat/rubygem-tilt | <2.0.11-1.el7 | 2.0.11-1.el7 |
redhat/rubygem-tzinfo | <1.2.10-1.el7 | 1.2.10-1.el7 |
redhat/python-django-bash-completion | <1.11.27-4.el7 | 1.11.27-4.el7 |
redhat/python2-django | <1.11.27-4.el7 | 1.11.27-4.el7 |
redhat/python2-django-doc | <1.11.27-4.el7 | 1.11.27-4.el7 |
redhat/ruby-debuginfo | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/ruby-devel | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/ruby-doc | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/ruby-irb | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/ruby-libs | <2.4.9-94.el7 | 2.4.9-94.el7 |
redhat/rubygem-activemodel-doc | <5.2.0-1.el7 | 5.2.0-1.el7 |
redhat/rubygem-activesupport-doc | <5.2.0-1.el7 | 5.2.0-1.el7 |
redhat/rubygem-bcrypt-debuginfo | <3.1.12-2.el7 | 3.1.12-2.el7 |
redhat/rubygem-bcrypt-doc | <3.1.12-2.el7 | 3.1.12-2.el7 |
redhat/rubygem-bigdecimal | <1.3.2-94.el7 | 1.3.2-94.el7 |
redhat/rubygem-concurrent-ruby-doc | <1.1.9-1.el7 | 1.1.9-1.el7 |
redhat/rubygem-i18n-doc | <1.9.1-1.el7 | 1.9.1-1.el7 |
redhat/rubygem-io-console | <0.4.6-94.el7 | 0.4.6-94.el7 |
redhat/rubygem-json | <2.0.4-94.el7 | 2.0.4-94.el7 |
redhat/rubygem-minitest | <5.10.1-94.el7 | 5.10.1-94.el7 |
redhat/rubygem-mustermann-doc | <1.0.3-1.el7 | 1.0.3-1.el7 |
redhat/rubygem-net-telnet | <0.1.1-94.el7 | 0.1.1-94.el7 |
redhat/rubygem-nio4r-debuginfo | <2.3.1-2.el7 | 2.3.1-2.el7 |
redhat/rubygem-nio4r-doc | <2.3.1-2.el7 | 2.3.1-2.el7 |
redhat/rubygem-openssl | <2.0.9-94.el7 | 2.0.9-94.el7 |
redhat/rubygem-psych | <2.2.2-94.el7 | 2.2.2-94.el7 |
redhat/rubygem-puma-debuginfo | <4.3.12-1.el7 | 4.3.12-1.el7 |
redhat/rubygem-puma-doc | <4.3.12-1.el7 | 4.3.12-1.el7 |
redhat/rubygem-rack-doc | <2.2.4-1.el7 | 2.2.4-1.el7 |
redhat/rubygem-rack-protection-doc | <2.2.0-1.el7 | 2.2.0-1.el7 |
redhat/rubygem-rake | <12.0.0-94.el7 | 12.0.0-94.el7 |
redhat/rubygem-rdoc | <5.0.1-94.el7 | 5.0.1-94.el7 |
redhat/rubygem-sinatra-doc | <2.2.0-1.el7 | 2.2.0-1.el7 |
redhat/rubygem-test-unit | <3.2.3-94.el7 | 3.2.3-94.el7 |
redhat/rubygem-tilt-doc | <2.0.11-1.el7 | 2.0.11-1.el7 |
redhat/rubygem-tzinfo-doc | <1.2.10-1.el7 | 1.2.10-1.el7 |
redhat/rubygem-xmlrpc | <0.2.1-94.el7 | 0.2.1-94.el7 |
redhat/rubygems | <2.6.14.4-94.el7 | 2.6.14.4-94.el7 |
redhat/rubygems-devel | <2.6.14.4-94.el7 | 2.6.14.4-94.el7 |