RHSA-2022:0582
- Source
- https://access.redhat.com/errata/RHSA-2022:0582
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2022:0582.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2022:0582
- Related
- Published
- 2024-10-21T23:27:11Z
- Modified
- 2024-10-21T23:27:11Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: ruby:2.6 security update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2022:0582
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/articles/6206172
- https://bugzilla.redhat.com/show_bug.cgi?id=1773728
- https://bugzilla.redhat.com/show_bug.cgi?id=1789407
- https://bugzilla.redhat.com/show_bug.cgi?id=1789556
- https://bugzilla.redhat.com/show_bug.cgi?id=1793683
- https://bugzilla.redhat.com/show_bug.cgi?id=1827500
- https://bugzilla.redhat.com/show_bug.cgi?id=1833291
- https://bugzilla.redhat.com/show_bug.cgi?id=1883623
- https://bugzilla.redhat.com/show_bug.cgi?id=1947526
- https://bugzilla.redhat.com/show_bug.cgi?id=1958999
- https://bugzilla.redhat.com/show_bug.cgi?id=1980126
- https://bugzilla.redhat.com/show_bug.cgi?id=1980128
- https://bugzilla.redhat.com/show_bug.cgi?id=1980132
- https://bugzilla.redhat.com/show_bug.cgi?id=2025104
- https://bugzilla.redhat.com/show_bug.cgi?id=2026757
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0582.json
- https://access.redhat.com/security/cve/CVE-2019-15845
- https://www.cve.org/CVERecord?id=CVE-2019-15845
- https://nvd.nist.gov/vuln/detail/CVE-2019-15845
- https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/
- https://access.redhat.com/security/cve/CVE-2019-16201
- https://www.cve.org/CVERecord?id=CVE-2019-16201
- https://nvd.nist.gov/vuln/detail/CVE-2019-16201
- https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
- https://access.redhat.com/security/cve/CVE-2019-16254
- https://www.cve.org/CVERecord?id=CVE-2019-16254
- https://nvd.nist.gov/vuln/detail/CVE-2019-16254
- https://access.redhat.com/security/cve/CVE-2019-16255
- https://www.cve.org/CVERecord?id=CVE-2019-16255
- https://nvd.nist.gov/vuln/detail/CVE-2019-16255
- https://access.redhat.com/security/cve/CVE-2020-10663
- https://www.cve.org/CVERecord?id=CVE-2020-10663
- https://nvd.nist.gov/vuln/detail/CVE-2020-10663
- https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663
- https://access.redhat.com/security/cve/CVE-2020-10933
- https://www.cve.org/CVERecord?id=CVE-2020-10933
- https://nvd.nist.gov/vuln/detail/CVE-2020-10933
- https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933
- https://access.redhat.com/security/cve/CVE-2020-25613
- https://www.cve.org/CVERecord?id=CVE-2020-25613
- https://nvd.nist.gov/vuln/detail/CVE-2020-25613
- https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
- https://access.redhat.com/security/cve/CVE-2020-36327
- https://www.cve.org/CVERecord?id=CVE-2020-36327
- https://nvd.nist.gov/vuln/detail/CVE-2020-36327
- https://www.zofrex.com/blog/2021/04/29/bundler-still-vulnerable-dependency-confusion-cve-2020-36327/
- https://access.redhat.com/security/cve/CVE-2021-28965
- https://www.cve.org/CVERecord?id=CVE-2021-28965
- https://nvd.nist.gov/vuln/detail/CVE-2021-28965
- https://access.redhat.com/security/cve/CVE-2021-31799
- https://www.cve.org/CVERecord?id=CVE-2021-31799
- https://nvd.nist.gov/vuln/detail/CVE-2021-31799
- https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/
- https://access.redhat.com/security/cve/CVE-2021-31810
- https://www.cve.org/CVERecord?id=CVE-2021-31810
- https://nvd.nist.gov/vuln/detail/CVE-2021-31810
- https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/
- https://access.redhat.com/security/cve/CVE-2021-32066
- https://www.cve.org/CVERecord?id=CVE-2021-32066
- https://nvd.nist.gov/vuln/detail/CVE-2021-32066
- https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/
- https://access.redhat.com/security/cve/CVE-2021-41817
- https://www.cve.org/CVERecord?id=CVE-2021-41817
- https://nvd.nist.gov/vuln/detail/CVE-2021-41817
- https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
- https://access.redhat.com/security/cve/CVE-2021-41819
- https://www.cve.org/CVERecord?id=CVE-2021-41819
- https://nvd.nist.gov/vuln/detail/CVE-2021-41819
Affected packages
Red Hat:rhel_eus:8.2::appstream / ruby
Package
- Name
- ruby
- Purl
- pkg:rpm/redhat/ruby
Red Hat:rhel_eus:8.2::appstream / ruby-debuginfo
Package
- Name
- ruby-debuginfo
- Purl
- pkg:rpm/redhat/ruby-debuginfo
Red Hat:rhel_eus:8.2::appstream / ruby-debugsource
Package
- Name
- ruby-debugsource
- Purl
- pkg:rpm/redhat/ruby-debugsource
Red Hat:rhel_eus:8.2::appstream / ruby-devel
Package
- Name
- ruby-devel
- Purl
- pkg:rpm/redhat/ruby-devel
Red Hat:rhel_eus:8.2::appstream / ruby-doc
Package
- Name
- ruby-doc
- Purl
- pkg:rpm/redhat/ruby-doc
Red Hat:rhel_eus:8.2::appstream / ruby-libs
Package
- Name
- ruby-libs
- Purl
- pkg:rpm/redhat/ruby-libs
Red Hat:rhel_eus:8.2::appstream / ruby-libs-debuginfo
Package
- Name
- ruby-libs-debuginfo
- Purl
- pkg:rpm/redhat/ruby-libs-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-abrt
Package
- Name
- rubygem-abrt
- Purl
- pkg:rpm/redhat/rubygem-abrt
Red Hat:rhel_eus:8.2::appstream / rubygem-abrt-doc
Package
- Name
- rubygem-abrt-doc
- Purl
- pkg:rpm/redhat/rubygem-abrt-doc
Red Hat:rhel_eus:8.2::appstream / rubygem-bigdecimal
Package
- Name
- rubygem-bigdecimal
- Purl
- pkg:rpm/redhat/rubygem-bigdecimal
Red Hat:rhel_eus:8.2::appstream / rubygem-bigdecimal-debuginfo
Package
- Name
- rubygem-bigdecimal-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-bigdecimal-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-bson
Package
- Name
- rubygem-bson
- Purl
- pkg:rpm/redhat/rubygem-bson
Red Hat:rhel_eus:8.2::appstream / rubygem-bson-debuginfo
Package
- Name
- rubygem-bson-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-bson-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-bson-debugsource
Package
- Name
- rubygem-bson-debugsource
- Purl
- pkg:rpm/redhat/rubygem-bson-debugsource
Red Hat:rhel_eus:8.2::appstream / rubygem-bson-doc
Package
- Name
- rubygem-bson-doc
- Purl
- pkg:rpm/redhat/rubygem-bson-doc
Red Hat:rhel_eus:8.2::appstream / rubygem-bundler
Package
- Name
- rubygem-bundler
- Purl
- pkg:rpm/redhat/rubygem-bundler
Red Hat:rhel_eus:8.2::appstream / rubygem-did_you_mean
Package
- Name
- rubygem-did_you_mean
- Purl
- pkg:rpm/redhat/rubygem-did_you_mean
Red Hat:rhel_eus:8.2::appstream / rubygem-io-console
Package
- Name
- rubygem-io-console
- Purl
- pkg:rpm/redhat/rubygem-io-console
Red Hat:rhel_eus:8.2::appstream / rubygem-io-console-debuginfo
Package
- Name
- rubygem-io-console-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-io-console-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-irb
Package
- Name
- rubygem-irb
- Purl
- pkg:rpm/redhat/rubygem-irb
Red Hat:rhel_eus:8.2::appstream / rubygem-json
Package
- Name
- rubygem-json
- Purl
- pkg:rpm/redhat/rubygem-json
Red Hat:rhel_eus:8.2::appstream / rubygem-json-debuginfo
Package
- Name
- rubygem-json-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-json-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-minitest
Package
- Name
- rubygem-minitest
- Purl
- pkg:rpm/redhat/rubygem-minitest
Red Hat:rhel_eus:8.2::appstream / rubygem-mongo
Package
- Name
- rubygem-mongo
- Purl
- pkg:rpm/redhat/rubygem-mongo
Red Hat:rhel_eus:8.2::appstream / rubygem-mongo-doc
Package
- Name
- rubygem-mongo-doc
- Purl
- pkg:rpm/redhat/rubygem-mongo-doc
Red Hat:rhel_eus:8.2::appstream / rubygem-mysql2
Package
- Name
- rubygem-mysql2
- Purl
- pkg:rpm/redhat/rubygem-mysql2
Red Hat:rhel_eus:8.2::appstream / rubygem-mysql2-debuginfo
Package
- Name
- rubygem-mysql2-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-mysql2-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-mysql2-debugsource
Package
- Name
- rubygem-mysql2-debugsource
- Purl
- pkg:rpm/redhat/rubygem-mysql2-debugsource
Red Hat:rhel_eus:8.2::appstream / rubygem-mysql2-doc
Package
- Name
- rubygem-mysql2-doc
- Purl
- pkg:rpm/redhat/rubygem-mysql2-doc
Red Hat:rhel_eus:8.2::appstream / rubygem-net-telnet
Package
- Name
- rubygem-net-telnet
- Purl
- pkg:rpm/redhat/rubygem-net-telnet
Red Hat:rhel_eus:8.2::appstream / rubygem-openssl
Package
- Name
- rubygem-openssl
- Purl
- pkg:rpm/redhat/rubygem-openssl
Red Hat:rhel_eus:8.2::appstream / rubygem-openssl-debuginfo
Package
- Name
- rubygem-openssl-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-openssl-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-pg
Package
- Name
- rubygem-pg
- Purl
- pkg:rpm/redhat/rubygem-pg
Red Hat:rhel_eus:8.2::appstream / rubygem-pg-debuginfo
Package
- Name
- rubygem-pg-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-pg-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-pg-debugsource
Package
- Name
- rubygem-pg-debugsource
- Purl
- pkg:rpm/redhat/rubygem-pg-debugsource
Red Hat:rhel_eus:8.2::appstream / rubygem-pg-doc
Package
- Name
- rubygem-pg-doc
- Purl
- pkg:rpm/redhat/rubygem-pg-doc
Red Hat:rhel_eus:8.2::appstream / rubygem-power_assert
Package
- Name
- rubygem-power_assert
- Purl
- pkg:rpm/redhat/rubygem-power_assert
Red Hat:rhel_eus:8.2::appstream / rubygem-psych
Package
- Name
- rubygem-psych
- Purl
- pkg:rpm/redhat/rubygem-psych
Red Hat:rhel_eus:8.2::appstream / rubygem-psych-debuginfo
Package
- Name
- rubygem-psych-debuginfo
- Purl
- pkg:rpm/redhat/rubygem-psych-debuginfo
Red Hat:rhel_eus:8.2::appstream / rubygem-rake
Package
- Name
- rubygem-rake
- Purl
- pkg:rpm/redhat/rubygem-rake
Red Hat:rhel_eus:8.2::appstream / rubygem-rdoc
Package
- Name
- rubygem-rdoc
- Purl
- pkg:rpm/redhat/rubygem-rdoc
Red Hat:rhel_eus:8.2::appstream / rubygem-test-unit
Package
- Name
- rubygem-test-unit
- Purl
- pkg:rpm/redhat/rubygem-test-unit
Red Hat:rhel_eus:8.2::appstream / rubygem-xmlrpc
Package
- Name
- rubygem-xmlrpc
- Purl
- pkg:rpm/redhat/rubygem-xmlrpc
Red Hat:rhel_eus:8.2::appstream / rubygems
Package
- Name
- rubygems
- Purl
- pkg:rpm/redhat/rubygems