VYPR

rpm package

almalinux/ruby4.0-rubygem-mysql2

pkg:rpm/almalinux/ruby4.0-rubygem-mysql2

Vulnerabilities (2)

  • CVE-2026-41316HigApr 24, 2026
    affected < 0.5.7-34.el10_2fixed 0.5.7-34.el10_2

    ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable guard in `ERB#result` and `ERB#run` to prevent code execution when an ERB object is reconstructed via `Marshal.load` (deserialization). Howeve

  • CVE-2026-33210Mar 20, 2026
    affected < 0.5.7-34.el10_2fixed 0.5.7-34.el10_2

    Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allow_duplicate_key: false parsing option is used