(RHSA-2024:6785) Moderate: ruby:3.3 security update

2024-09-1818:10:29

access.redhat.com

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

High

JSON

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

rexml: DoS vulnerability in REXML (CVE-2024-39908)
rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
rexml: DoS vulnerability in REXML (CVE-2024-41946)
rexml: DoS vulnerability in REXML (CVE-2024-43398)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanys390xrubygem-rbs< 3.4.0-3.module+el9.4.0+22273+463af10frubygem-rbs-3.4.0-3.module+el9.4.0+22273+463af10f.s390x.rpm
RedHatanyi686rubygem-racc-debuginfo< 1.7.3-3.module+el9.4.0+22273+463af10frubygem-racc-debuginfo-1.7.3-3.module+el9.4.0+22273+463af10f.i686.rpm
RedHatanyaarch64rubygem-json< 2.7.1-3.module+el9.4.0+22273+463af10frubygem-json-2.7.1-3.module+el9.4.0+22273+463af10f.aarch64.rpm
RedHatanyppc64leruby-debugsource< 3.3.5-3.module+el9.4.0+22273+463af10fruby-debugsource-3.3.5-3.module+el9.4.0+22273+463af10f.ppc64le.rpm
RedHatanyppc64lerubygem-psych< 5.1.2-3.module+el9.4.0+22273+463af10frubygem-psych-5.1.2-3.module+el9.4.0+22273+463af10f.ppc64le.rpm
RedHatanyx86_64rubygem-racc-debuginfo< 1.7.3-3.module+el9.4.0+22273+463af10frubygem-racc-debuginfo-1.7.3-3.module+el9.4.0+22273+463af10f.x86_64.rpm
RedHatanynoarchrubygem-test-unit< 3.6.1-3.module+el9.4.0+22273+463af10frubygem-test-unit-3.6.1-3.module+el9.4.0+22273+463af10f.noarch.rpm
RedHatanyi686rubygem-io-console-debuginfo< 0.7.1-3.module+el9.4.0+22273+463af10frubygem-io-console-debuginfo-0.7.1-3.module+el9.4.0+22273+463af10f.i686.rpm
RedHatanys390xrubygem-json-debuginfo< 2.7.1-3.module+el9.4.0+22273+463af10frubygem-json-debuginfo-2.7.1-3.module+el9.4.0+22273+463af10f.s390x.rpm
RedHatanys390xrubygem-mysql2< 0.5.5-1.module+el9.4.0+21222+faeeed2frubygem-mysql2-0.5.5-1.module+el9.4.0+21222+faeeed2f.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	s390x	rubygem-rbs	< 3.4.0-3.module+el9.4.0+22273+463af10f	rubygem-rbs-3.4.0-3.module+el9.4.0+22273+463af10f.s390x.rpm
RedHat	any	i686	rubygem-racc-debuginfo	< 1.7.3-3.module+el9.4.0+22273+463af10f	rubygem-racc-debuginfo-1.7.3-3.module+el9.4.0+22273+463af10f.i686.rpm
RedHat	any	aarch64	rubygem-json	< 2.7.1-3.module+el9.4.0+22273+463af10f	rubygem-json-2.7.1-3.module+el9.4.0+22273+463af10f.aarch64.rpm
RedHat	any	ppc64le	ruby-debugsource	< 3.3.5-3.module+el9.4.0+22273+463af10f	ruby-debugsource-3.3.5-3.module+el9.4.0+22273+463af10f.ppc64le.rpm
RedHat	any	ppc64le	rubygem-psych	< 5.1.2-3.module+el9.4.0+22273+463af10f	rubygem-psych-5.1.2-3.module+el9.4.0+22273+463af10f.ppc64le.rpm
RedHat	any	x86_64	rubygem-racc-debuginfo	< 1.7.3-3.module+el9.4.0+22273+463af10f	rubygem-racc-debuginfo-1.7.3-3.module+el9.4.0+22273+463af10f.x86_64.rpm
RedHat	any	noarch	rubygem-test-unit	< 3.6.1-3.module+el9.4.0+22273+463af10f	rubygem-test-unit-3.6.1-3.module+el9.4.0+22273+463af10f.noarch.rpm
RedHat	any	i686	rubygem-io-console-debuginfo	< 0.7.1-3.module+el9.4.0+22273+463af10f	rubygem-io-console-debuginfo-0.7.1-3.module+el9.4.0+22273+463af10f.i686.rpm
RedHat	any	s390x	rubygem-json-debuginfo	< 2.7.1-3.module+el9.4.0+22273+463af10f	rubygem-json-debuginfo-2.7.1-3.module+el9.4.0+22273+463af10f.s390x.rpm
RedHat	any	s390x	rubygem-mysql2	< 0.5.5-1.module+el9.4.0+21222+faeeed2f	rubygem-mysql2-0.5.5-1.module+el9.4.0+21222+faeeed2f.s390x.rpm