Red Hat Security Advisory: ruby:2.6 security update
🔗 CVE IDs covered (14)
📋 Description
CVE-2019-15845 — ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? CVE-2019-16201 — ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication CVE-2019-16254 — ruby: HTTP response splitting in WEBrick CVE-2019-16255 — ruby: Code injection via command argument of Shell#test / Shell#[] CVE-2020-10663 — rubygem-json: Unsafe object creation vulnerability in JSON CVE-2020-10933 — ruby: BasicSocket#read_nonblock method leads to information disclosure CVE-2020-25613 — ruby: Potential HTTP request smuggling in WEBrick CVE-2020-36327 — rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2021-28965 — ruby: XML round-trip vulnerability in REXML CVE-2021-31799 — rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31810 — ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host CVE-2021-32066 — ruby: StartTLS stripping vulnerability in Net::IMAP CVE-2021-41817 — ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-41819 — ruby: Cookie prefix spoofing in CGI::Cookie.parse
🔗 References (18)
- selfhttps://access.redhat.com/errata/RHSA-2022:0582
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/articles/6206172
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1773728
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1789407
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1789556
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1793683
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1827500
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1833291
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1883623
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1947526
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1958999
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1980126
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1980128
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1980132
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2025104
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2026757
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0582.json