rpm package
almalinux/rubygem-abrt
pkg:rpm/almalinux/rubygem-abrt
Vulnerabilities (40)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28739 | — | < 0.4.0-1.module_el8.5.0+2595+0c654ebc | 0.4.0-1.module_el8.5.0+2595+0c654ebc | May 9, 2022 | There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | ||
| CVE-2022-28738 | — | < 0.4.0-1.module_el8.5.0+2595+0c654ebc | 0.4.0-1.module_el8.5.0+2595+0c654ebc | May 9, 2022 | A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | ||
| CVE-2021-41819 | — | < 0.3.0-4.module_el8.5.0+259+8cec6917 | 0.3.0-4.module_el8.5.0+259+8cec6917 | Jan 1, 2022 | CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | ||
| CVE-2021-41817 | — | < 0.3.0-4.module_el8.5.0+259+8cec6917 | 0.3.0-4.module_el8.5.0+259+8cec6917 | Jan 1, 2022 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. | ||
| CVE-2021-43809 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Dec 8, 2021 | `Bundler` is a package for managing application dependencies in Ruby. In `bundler` versions before 2.2.33, when working with untrusted and apparently harmless `Gemfile`'s, it is not expected that they lead to execution of external code, unless that's explicit in the ruby code ins | ||
| CVE-2021-32066 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Aug 1, 2021 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network po | ||
| CVE-2021-31799 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Jul 29, 2021 | In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. | ||
| CVE-2021-31810 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Jul 13, 2021 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that a | ||
| CVE-2020-36327 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Apr 29, 2021 | Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another | ||
| CVE-2021-28965 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Apr 21, 2021 | The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | ||
| CVE-2020-25613 | — | < 0.4.0-1.module_el8.4.0+2399+4e3a532a | 0.4.0-1.module_el8.4.0+2399+4e3a532a | Oct 6, 2020 | An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (w | ||
| CVE-2019-3881 | — | < 0.3.0-4.module_el8.5.0+259+8cec6917 | 0.3.0-4.module_el8.5.0+259+8cec6917 | Sep 4, 2020 | Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an a | ||
| CVE-2020-10933 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | May 4, 2020 | An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string prov | ||
| CVE-2020-10663 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Apr 28, 2020 | The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, | ||
| CVE-2019-15845 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Nov 26, 2019 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. | ||
| CVE-2019-16255 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Nov 26, 2019 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method. | ||
| CVE-2019-16254 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Nov 26, 2019 | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content t | ||
| CVE-2019-16201 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Nov 26, 2019 | WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network. | ||
| CVE-2019-19012 | — | < 0.3.0-4.module_el8.5.0+2625+ec418553 | 0.3.0-4.module_el8.5.0+2625+ec418553 | Nov 16, 2019 | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a d | ||
| CVE-2019-8324 | — | < 0.3.0-4.module_el8.5.0+259+8cec6917 | 0.3.0-4.module_el8.5.0+259+8cec6917 | Jun 17, 2019 | An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall c |
- CVE-2022-28739May 9, 2022affected < 0.4.0-1.module_el8.5.0+2595+0c654ebcfixed 0.4.0-1.module_el8.5.0+2595+0c654ebc
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
- CVE-2022-28738May 9, 2022affected < 0.4.0-1.module_el8.5.0+2595+0c654ebcfixed 0.4.0-1.module_el8.5.0+2595+0c654ebc
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
- CVE-2021-41819Jan 1, 2022affected < 0.3.0-4.module_el8.5.0+259+8cec6917fixed 0.3.0-4.module_el8.5.0+259+8cec6917
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
- CVE-2021-41817Jan 1, 2022affected < 0.3.0-4.module_el8.5.0+259+8cec6917fixed 0.3.0-4.module_el8.5.0+259+8cec6917
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
- CVE-2021-43809Dec 8, 2021affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
`Bundler` is a package for managing application dependencies in Ruby. In `bundler` versions before 2.2.33, when working with untrusted and apparently harmless `Gemfile`'s, it is not expected that they lead to execution of external code, unless that's explicit in the ruby code ins
- CVE-2021-32066Aug 1, 2021affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network po
- CVE-2021-31799Jul 29, 2021affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.
- CVE-2021-31810Jul 13, 2021affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that a
- CVE-2020-36327Apr 29, 2021affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another
- CVE-2021-28965Apr 21, 2021affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
- CVE-2020-25613Oct 6, 2020affected < 0.4.0-1.module_el8.4.0+2399+4e3a532afixed 0.4.0-1.module_el8.4.0+2399+4e3a532a
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (w
- CVE-2019-3881Sep 4, 2020affected < 0.3.0-4.module_el8.5.0+259+8cec6917fixed 0.3.0-4.module_el8.5.0+259+8cec6917
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an a
- CVE-2020-10933May 4, 2020affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string prov
- CVE-2020-10663Apr 28, 2020affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically,
- CVE-2019-15845Nov 26, 2019affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
- CVE-2019-16255Nov 26, 2019affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
- CVE-2019-16254Nov 26, 2019affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content t
- CVE-2019-16201Nov 26, 2019affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
- CVE-2019-19012Nov 16, 2019affected < 0.3.0-4.module_el8.5.0+2625+ec418553fixed 0.3.0-4.module_el8.5.0+2625+ec418553
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a d
- CVE-2019-8324Jun 17, 2019affected < 0.3.0-4.module_el8.5.0+259+8cec6917fixed 0.3.0-4.module_el8.5.0+259+8cec6917
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall c
Page 2 of 2