UbuntuUpdates.org

Bugs fixes in "ruby3.0"

Origin Bug number Title Date fixed
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17
Launchpad 2051380 Expired certificate used for tests causes failures 2024-04-25
Launchpad 2051380 Expired certificate used for tests causes failures 2024-04-12
CVE CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There 2023-07-12
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-07-12
CVE CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There 2023-07-12
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-07-12
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-01-23
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-01-23
Launchpad 1982703 Segfaults in ruby 3.0.2 2022-12-01
Launchpad 1982703 Segfaults in ruby 3.0.2 2022-11-28
CVE CVE-2022-28739 RESERVED 2022-06-06
CVE CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untruste 2022-06-06
CVE CVE-2022-28739 RESERVED 2022-06-06
CVE CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untruste 2022-06-06



About   -   Send Feedback to @ubuntu_updates