Lucene search
RedHatRHSA-2022:6585HistorySep 20, 2022 - 11:36 a.m.
(RHSA-2022:6585) Moderate: ruby security, bug fix, and enhancement update
2022-09-2011:36:12
access.redhat.com
19
0.004 Low
EPSS
Percentile
73.1%
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109428)
Security Fix(es):
-
Ruby: Double free in Regexp compilation (CVE-2022-28738)
-
Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | ppc64le | ruby | < 3.0.4-160.el9_0 | ruby-3.0.4-160.el9_0.ppc64le.rpm |
| RedHat | 9 | aarch64 | rubygem-json | < 2.5.1-160.el9_0 | rubygem-json-2.5.1-160.el9_0.aarch64.rpm |
| RedHat | 9 | noarch | rubygem-rdoc | < 6.3.3-160.el9_0 | rubygem-rdoc-6.3.3-160.el9_0.noarch.rpm |
| RedHat | 9 | aarch64 | rubygem-psych-debuginfo | < 3.3.2-160.el9_0 | rubygem-psych-debuginfo-3.3.2-160.el9_0.aarch64.rpm |
| RedHat | 9 | noarch | rubygem-bundler | < 2.2.33-160.el9_0 | rubygem-bundler-2.2.33-160.el9_0.noarch.rpm |
| RedHat | 9 | noarch | rubygem-minitest | < 5.14.2-160.el9_0 | rubygem-minitest-5.14.2-160.el9_0.noarch.rpm |
| RedHat | 9 | aarch64 | rubygem-json-debuginfo | < 2.5.1-160.el9_0 | rubygem-json-debuginfo-2.5.1-160.el9_0.aarch64.rpm |
| RedHat | 9 | s390x | ruby-libs-debuginfo | < 3.0.4-160.el9_0 | ruby-libs-debuginfo-3.0.4-160.el9_0.s390x.rpm |
| RedHat | 9 | x86_64 | rubygem-io-console-debuginfo | < 0.5.7-160.el9_0 | rubygem-io-console-debuginfo-0.5.7-160.el9_0.x86_64.rpm |
| RedHat | 9 | ppc64le | ruby-debuginfo | < 3.0.4-160.el9_0 | ruby-debuginfo-3.0.4-160.el9_0.ppc64le.rpm |
Related
slackware
slackware
[slackware-security] ruby
2022-04-13 20:52:10
almalinux
almalinux
Moderate: ruby security, bug fix, and enhancement update
2022-09-20 00:00:00
Moderate: ruby:3.0 security, bug fix, and enhancement update
2022-09-13 00:00:00
Moderate: ruby:2.7 security, bug fix, and enhancement update
2022-09-13 00:00:00
nessus
nessus
Oracle Linux 9 : ruby (ELSA-2022-6585)
2022-09-21 00:00:00
AlmaLinux 9 : ruby (ALSA-2022:6585)
2022-11-16 00:00:00
CentOS 9 : ruby-3.0.4-160.el9
2024-02-29 00:00:00
openvas
openvas
Fedora: Security Advisory for ruby (FEDORA-2022-a7ca6ee0cf)
2022-05-08 00:00:00
Ubuntu: Security Advisory (USN-5462-1)
2022-06-07 00:00:00
Mageia: Security Advisory (MGASA-2022-0143)
2022-04-20 00:00:00
redos
redos
ROS-20220516-06
2022-05-16 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: ruby-3.1.2-164.fc36
2022-05-07 05:07:39
[SECURITY] Fedora 35 Update: ruby-3.0.4-153.fc35
2022-05-08 01:48:39
[SECURITY] Fedora 34 Update: ruby-3.0.4-153.fc34
2022-05-08 02:03:44
oraclelinux
oraclelinux
ruby security, bug fix, and enhancement update
2022-09-21 00:00:00
ruby:3.0 security, bug fix, and enhancement update
2022-09-15 00:00:00
ruby:2.5 security update
2023-01-20 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerability
2022-04-16 00:35:09
osv
osv
Moderate: ruby security, bug fix, and enhancement update
2022-09-20 11:36:12
Moderate: ruby security, bug fix, and enhancement update
2022-09-20 00:00:00
Moderate: ruby:3.0 security, bug fix, and enhancement update
2022-09-13 00:00:00
cloudfoundry
cloudfoundry
USN-5462-1: Ruby vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
rocky
rocky
ruby security, bug fix, and enhancement update
2022-09-20 11:36:12
ruby:3.0 security, bug fix, and enhancement update
2022-09-13 07:36:53
ruby:2.6 security, bug fix, and enhancement update
2022-06-28 10:54:23
redhat
redhat
debiancve
debiancve
CVE-2022-28738
2022-05-09 18:15:00
CVE-2022-28739
2022-05-09 18:15:00
cve
cve
CVE-2022-28738
2022-05-09 18:15:00
CVE-2022-28739
2022-05-09 18:15:00
cvelist
cvelist
CVE-2022-28738
2022-05-09 00:00:00
CVE-2022-28739
2022-05-09 00:00:00
redhatcve
redhatcve
CVE-2022-28738
2022-04-14 21:55:08
CVE-2022-28739
2022-04-20 05:24:54
prion
prion
Double free
2022-05-09 18:15:00
Design/Logic Flaw
2022-05-09 18:15:00
ubuntucve
ubuntucve
CVE-2022-28738
2022-05-09 00:00:00
CVE-2022-28739
2022-05-09 00:00:00
hackerone
hackerone
Internet Bug Bounty: CVE-2022-28738: Double free in Regexp compilation
2022-04-25 03:55:55
alpinelinux
alpinelinux
CVE-2022-28738
2022-05-09 18:15:00
CVE-2022-28739
2022-05-09 18:15:00
veracode
veracode
Denial Of Service (DoS)
2022-04-13 07:35:07
Buffer Overflow
2022-04-13 07:35:02
freebsd
freebsd
Ruby -- Double free in Regexp compilation
2022-04-12 00:00:00
Ruby -- Buffer overrun in String-to-Float conversion
2022-04-12 00:00:00
amazon
amazon
Medium: ruby20
2022-10-03 19:29:00
Medium: ruby
2022-09-30 07:04:00
cbl_mariner
cbl_mariner
CVE-2022-28739 affecting package ruby 2.6.9-1
2022-06-15 17:03:10
ubuntu
ubuntu
Ruby vulnerability
2022-06-06 00:00:00
rubygems
rubygems
Double free in Regexp compilation
2022-04-11 21:00:00
Buffer overrun in String-to-Float conversion
2022-04-11 21:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0199
2022-06-17 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0447
2022-09-07 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0199
2022-06-17 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2024-01-24 00:00:00
apple
apple
About the security content of macOS Big Sur 11.7.1
2022-10-24 00:00:00
About the security content of macOS Monterey 12.6.1
2022-10-24 00:00:00
About the security content of macOS Ventura 13
2022-10-24 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00