Lucene search

Moderate: ruby:2.5 security update

🗓️ 24 Feb 2022 00:00:00Reported by AlmaLinuxType

almalinux🔗 errata.almalinux.org👁 86 Views

ruby 2.5 security update with command injection, FTP response, and StartTLS stripping vulnerabilitie

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	FreeBSD : Ruby -- multiple vulnerabilities (7ed5779c-e4c7-11eb-91d7-08002728f74c)	16 Jul 202100:00	–	nessus
Tenable Nessus	Debian DLA-2780-1 : ruby2.3 - LTS security update	13 Oct 202100:00	–	nessus
Tenable Nessus	CentOS 8 : ruby:2.5 (CESA-2022:0672)	25 Feb 202200:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : ruby2.5 (openSUSE-SU-2021:3838-1)	2 Dec 202100:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : ruby2.5 (openSUSE-SU-2021:1535-1)	7 Dec 202100:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2022-1093)	13 Feb 202200:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : ruby (EulerOS-SA-2021-2721)	11 Nov 202100:00	–	nessus
Tenable Nessus	AlmaLinux 8 : ruby:2.5 (ALSA-2022:0672)	11 Mar 202200:00	–	nessus
Tenable Nessus	RHEL 8 : ruby:2.5 (RHSA-2022:0672)	24 Feb 202200:00	–	nessus
Tenable Nessus	Rocky Linux 8 : ruby:2.5 (RLSA-2022:0672)	6 Nov 202300:00	–	nessus

Source	Link
access	www.access.redhat.com/errata/RHSA-2022:0672
access	www.access.redhat.com/security/cve/CVE-2021-31799
access	www.access.redhat.com/security/cve/CVE-2021-31810
access	www.access.redhat.com/security/cve/CVE-2021-32066
bugzilla	www.bugzilla.redhat.com/1980126
bugzilla	www.bugzilla.redhat.com/1980128
bugzilla	www.bugzilla.redhat.com/1980132
errata	www.errata.almalinux.org/8/ALSA-2022-0672.html
errata	www.errata.almalinux.org/8/ALSA-2022-0672.html
vulners	www.vulners.com/cve/CVE-2021-31799

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	8	i686	rubygem-bigdecimal	1.3.4-109.module_el8.5.0+2627+d9c243ca	rubygem-bigdecimal-1.3.4-109.module_el8.5.0+2627+d9c243ca.i686.rpm
almalinux	8	i686	rubygem-psych	3.0.2-109.module_el8.5.0+2627+d9c243ca	rubygem-psych-3.0.2-109.module_el8.5.0+2627+d9c243ca.i686.rpm
almalinux	8	i686	rubygem-json	2.1.0-109.module_el8.5.0+2627+d9c243ca	rubygem-json-2.1.0-109.module_el8.5.0+2627+d9c243ca.i686.rpm
almalinux	8	i686	rubygem-openssl	2.1.2-109.module_el8.5.0+2627+d9c243ca	rubygem-openssl-2.1.2-109.module_el8.5.0+2627+d9c243ca.i686.rpm
almalinux	8	noarch	rubygem-abrt	0.3.0-4.module_el8.5.0+2625+ec418553	rubygem-abrt-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm
almalinux	8	noarch	ruby-doc	2.5.9-109.module_el8.5.0+2627+d9c243ca	ruby-doc-2.5.9-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
almalinux	8	noarch	rubygem-test-unit	3.2.7-109.module_el8.5.0+2627+d9c243ca	rubygem-test-unit-3.2.7-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
almalinux	8	i686	ruby-libs	2.5.9-109.module_el8.5.0+2627+d9c243ca	ruby-libs-2.5.9-109.module_el8.5.0+2627+d9c243ca.i686.rpm
almalinux	8	noarch	rubygem-rake	12.3.3-109.module_el8.5.0+2627+d9c243ca	rubygem-rake-12.3.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
almalinux	8	noarch	rubygems-devel	2.7.6.3-109.module_el8.5.0+2627+d9c243ca	rubygems-devel-2.7.6.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Feb 2022 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS25.8

CVSS37.4

EPSS0.00809

SSVC