RHSA-2020:2288
Source
https://access.redhat.com/errata/RHSA-2020:2288
Import Source
https://security.access.redhat.com/data/osv/RHSA-2020:2288.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2020:2288
Related
CVE-2017-17742
CVE-2018-8778
Published
2024-09-13T19:58:04Z
Modified
2024-09-13T19:58:04Z
Severity
4.8 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Summary
Red Hat Security Advisory: ruby security update
Details
References
https://access.redhat.com/errata/RHSA-2020:2288
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1561952
https://bugzilla.redhat.com/show_bug.cgi?id=1561953
https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_2288.json
https://access.redhat.com/security/cve/CVE-2017-17742
https://www.cve.org/CVERecord?id=CVE-2017-17742
https://nvd.nist.gov/vuln/detail/CVE-2017-17742
https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
https://access.redhat.com/security/cve/CVE-2018-8778
https://www.cve.org/CVERecord?id=CVE-2018-8778
https://nvd.nist.gov/vuln/detail/CVE-2018-8778
https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
Affected packages
Red Hat:rhel_eus:7.6::computenode
/
ruby
Package
Name
ruby
Purl
pkg:rpm/redhat/ruby
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-debuginfo
Package
Name
ruby-debuginfo
Purl
pkg:rpm/redhat/ruby-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-devel
Package
Name
ruby-devel
Purl
pkg:rpm/redhat/ruby-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-doc
Package
Name
ruby-doc
Purl
pkg:rpm/redhat/ruby-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-irb
Package
Name
ruby-irb
Purl
pkg:rpm/redhat/ruby-irb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-libs
Package
Name
ruby-libs
Purl
pkg:rpm/redhat/ruby-libs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
ruby-tcltk
Package
Name
ruby-tcltk
Purl
pkg:rpm/redhat/ruby-tcltk
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-bigdecimal
Package
Name
rubygem-bigdecimal
Purl
pkg:rpm/redhat/rubygem-bigdecimal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.2.0-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-io-console
Package
Name
rubygem-io-console
Purl
pkg:rpm/redhat/rubygem-io-console
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.4.2-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-json
Package
Name
rubygem-json
Purl
pkg:rpm/redhat/rubygem-json
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.7-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-minitest
Package
Name
rubygem-minitest
Purl
pkg:rpm/redhat/rubygem-minitest
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.3.2-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-psych
Package
Name
rubygem-psych
Purl
pkg:rpm/redhat/rubygem-psych
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-rake
Package
Name
rubygem-rake
Purl
pkg:rpm/redhat/rubygem-rake
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.9.6-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygem-rdoc
Package
Name
rubygem-rdoc
Purl
pkg:rpm/redhat/rubygem-rdoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.0.0-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygems
Package
Name
rubygems
Purl
pkg:rpm/redhat/rubygems
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.14.1-37.el7_6
Red Hat:rhel_eus:7.6::computenode
/
rubygems-devel
Package
Name
rubygems-devel
Purl
pkg:rpm/redhat/rubygems-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.14.1-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby
Package
Name
ruby
Purl
pkg:rpm/redhat/ruby
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-debuginfo
Package
Name
ruby-debuginfo
Purl
pkg:rpm/redhat/ruby-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-devel
Package
Name
ruby-devel
Purl
pkg:rpm/redhat/ruby-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-doc
Package
Name
ruby-doc
Purl
pkg:rpm/redhat/ruby-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-irb
Package
Name
ruby-irb
Purl
pkg:rpm/redhat/ruby-irb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-libs
Package
Name
ruby-libs
Purl
pkg:rpm/redhat/ruby-libs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
ruby-tcltk
Package
Name
ruby-tcltk
Purl
pkg:rpm/redhat/ruby-tcltk
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0.648-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-bigdecimal
Package
Name
rubygem-bigdecimal
Purl
pkg:rpm/redhat/rubygem-bigdecimal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.2.0-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-io-console
Package
Name
rubygem-io-console
Purl
pkg:rpm/redhat/rubygem-io-console
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.4.2-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-json
Package
Name
rubygem-json
Purl
pkg:rpm/redhat/rubygem-json
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.7-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-minitest
Package
Name
rubygem-minitest
Purl
pkg:rpm/redhat/rubygem-minitest
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.3.2-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-psych
Package
Name
rubygem-psych
Purl
pkg:rpm/redhat/rubygem-psych
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.0-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-rake
Package
Name
rubygem-rake
Purl
pkg:rpm/redhat/rubygem-rake
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.9.6-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygem-rdoc
Package
Name
rubygem-rdoc
Purl
pkg:rpm/redhat/rubygem-rdoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.0.0-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygems
Package
Name
rubygems
Purl
pkg:rpm/redhat/rubygems
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.14.1-37.el7_6
Red Hat:rhel_eus:7.6::server
/
rubygems-devel
Package
Name
rubygems-devel
Purl
pkg:rpm/redhat/rubygems-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.14.1-37.el7_6