RHSA-2022:0708HighCVSS 8.8

Red Hat Security Advisory: rh-ruby26-ruby security, bug fix, and enhancement update

Published
February 28, 2022
Last Modified
June 25, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2020-36327 — rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2021-31799 — rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31810 — ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host CVE-2021-32066 — ruby: StartTLS stripping vulnerability in Net::IMAP CVE-2021-41817 — ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-41819 — ruby: Cookie prefix spoofing in CGI::Cookie.parse

🔗 References (10)