Lucene search
RedHatRHSA-2021:2584HistoryJun 29, 2021 - 1:57 p.m.
(RHSA-2021:2584) Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-2913:57:50
access.redhat.com
30
0.003 Low
EPSS
Percentile
69.5%
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (2.7.3). (BZ#1951999)
Security Fix(es):
-
ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)
-
ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Resolv::DNS: ruby:2.7/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] (BZ#1952000)
Related
rocky
rocky
ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2021-2069)
2021-07-02 00:00:00
RHEL 7 : rh-ruby27-ruby (RHSA-2021:2229)
2022-09-15 00:00:00
Oracle Linux 8 : ruby:2.7 (ELSA-2021-2584)
2021-07-07 00:00:00
oraclelinux
oraclelinux
ruby:2.7 security, bug fix, and enhancement update
2021-07-07 00:00:00
ruby:2.5 security, bug fix, and enhancement update
2021-07-02 00:00:00
ruby:2.6 security, bug fix, and enhancement update
2021-07-07 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2069)
2021-07-02 00:00:00
Ubuntu: Security Advisory (USN-4922-1)
2021-04-21 00:00:00
Fedora: Security Advisory for rubygem-railties (FEDORA-2021-7b8b65bc7a)
2021-04-25 00:00:00
almalinux
almalinux
Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
Moderate: ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
Moderate: ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
osv
osv
Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
CVE-2021-28965
2021-04-21 07:15:07
redhat
redhat
nvd
nvd
CVE-2021-28965
2021-04-21 07:15:07
CVE-2020-25613
2020-10-06 13:15:13
cloudfoundry
cloudfoundry
USN-4922-1: Ruby vulnerability | Cloud Foundry
2021-04-29 00:00:00
USN-4882-1: Ruby vulnerabilities | Cloud Foundry
2021-04-14 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-28965 affecting package ruby 2.6.6-4
2021-06-09 03:50:37
CVE-2021-28965 affecting package ruby for versions less than 2.7.4-1
2022-04-09 06:51:53
CVE-2020-25613 affecting package ruby 2.6.6-4
2020-11-30 19:30:48
ubuntu
ubuntu
Ruby vulnerability
2021-04-26 00:00:00
Ruby vulnerability
2021-04-20 00:00:00
Ruby vulnerabilities
2021-03-18 00:00:00
redhatcve
redhatcve
CVE-2021-28965
2021-04-08 17:16:00
CVE-2020-25613
2020-09-29 18:18:27
fedora
fedora
[SECURITY] Fedora 33 Update: ruby-2.7.3-136.fc33
2021-04-17 14:06:37
[SECURITY] Fedora 33 Update: ruby-2.7.2-135.fc33
2020-10-23 22:25:31
[SECURITY] Fedora 32 Update: ruby-2.7.2-135.fc32
2020-10-15 22:33:53
prion
prion
Code injection
2021-04-21 07:15:00
Authorization
2020-10-06 13:15:00
ubuntucve
ubuntucve
CVE-2021-28965
2021-04-12 00:00:00
CVE-2020-25613
2020-10-06 00:00:00
cvelist
cvelist
CVE-2020-25613
2020-10-06 00:00:00
CVE-2021-28965
2021-04-21 06:55:24
veracode
veracode
HTTP Request Smuggling
2020-09-30 00:35:20
XML Injection
2021-04-17 02:47:08
debiancve
debiancve
CVE-2020-25613
2020-10-06 13:15:13
CVE-2021-28965
2021-04-21 07:15:07
amazon
amazon
suse
suse
Security update for ruby2.5 (important)
2021-03-25 00:00:00
Security update for ruby2.5 (moderate)
2021-04-24 00:00:00
hackerone
hackerone
Ruby: Round-trip instability in REXML
2021-02-16 08:10:08
freebsd
freebsd
Gitlab -- Vulnerabilities
2021-04-14 00:00:00
ruby -- XML round-trip vulnerability in REXML
2021-04-05 00:00:00
alpinelinux
alpinelinux
CVE-2020-25613
2020-10-06 13:15:13
CVE-2021-28965
2021-04-21 07:15:07
debian
debian
[SECURITY] [DLA 2392-1] jruby security update
2020-10-01 15:52:45
[SECURITY] [DLA 2391-1] ruby2.3 security update
2020-10-01 15:50:18
[SECURITY] [DSA 5066-1] ruby2.5 security update
2022-02-03 19:26:40
cve
cve
CVE-2020-25613
2020-10-06 13:15:13
CVE-2021-28965
2021-04-21 07:15:07
github
github
REXML round-trip instability
2021-04-30 17:30:37
WEBRick vulnerable to HTTP Request/Response Smuggling
2022-05-24 17:30:10
mageia
mageia
Updated ruby packages fix a security vulnerability
2020-11-14 00:20:36
Updated ruby packages fix security vulnerability
2021-12-24 00:01:45
Updated jruby packages fix security vulnerabilities
2020-11-27 23:14:57
archlinux
archlinux
[ASA-202104-1] gitlab: multiple issues
2021-04-29 00:00:00
ibm
ibm
photon
photon
Important Photon OS Security Update - PHSA-2020-0163
2020-11-19 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0163
2020-11-19 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2024-01-24 00:00:00