High severity7.4NVD Advisory· Published Jan 9, 2025· Updated Apr 15, 2026
CVE-2025-0306
CVE-2025-0306
Description
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24- osv-coords22 versionspkg:apk/chainguard/ruby-3.2pkg:apk/chainguard/ruby-3.2-basepkg:apk/chainguard/ruby-3.2-base-devpkg:apk/chainguard/ruby-3.2-devpkg:apk/chainguard/ruby-3.2-docpkg:apk/wolfi/ruby-3.2pkg:apk/wolfi/ruby-3.2-basepkg:apk/wolfi/ruby-3.2-base-devpkg:apk/wolfi/ruby-3.2-devpkg:apk/wolfi/ruby-3.2-docpkg:deb/ubuntu/jruby@1.5.6-9+deb8u2build0.14.04.1~esm2?arch=source&distro=esm-infra-legacy/trustypkg:deb/ubuntu/jruby@1.7.22-1ubuntu1?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/jruby@9.1.17.0-1~18.04?arch=source&distro=esm-apps/bionicpkg:deb/ubuntu/jruby@9.1.17.0-3build6?arch=source&distro=focalpkg:deb/ubuntu/jruby@9.4.6.0+ds-1ubuntu3?arch=source&distro=noblepkg:deb/ubuntu/jruby@9.4.8.0+ds-1ubuntu1?arch=source&distro=oracularpkg:deb/ubuntu/ruby2.3@2.3.1-2~ubuntu16.04.16+esm8?arch=source&distro=esm-infra/xenialpkg:deb/ubuntu/ruby2.5@2.5.1-1ubuntu1.16+esm1?arch=source&distro=esm-infra/bionicpkg:deb/ubuntu/ruby2.7@2.7.0-5ubuntu1.15?arch=source&distro=focalpkg:deb/ubuntu/ruby3.0@3.0.2-7ubuntu2.8?arch=source&distro=jammypkg:deb/ubuntu/ruby3.2@3.2.3-1ubuntu0.24.04.3?arch=source&distro=noblepkg:deb/ubuntu/ruby3.3@3.3.4-2ubuntu5.1?arch=source&distro=oracular
< 0+ 21 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.