ruby2.7

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description An object-oriented language for quick and easy programming, version 2.7
Version 2.7.6-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2556 2.7.4-2 2.7.5-1 Medium Fixed
AVG-2139 2.7.3-1 2.7.4-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-41819 AVG-2556 Medium Yes Content spoofing
A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. A cookie prefix spoofing vulnerability was discovered in CGI::Cookie.parse...
CVE-2021-41817 AVG-2556 Low Yes Denial of service
A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. In the Ruby "date" gem before versions 3.2.1, 3.1.2, 3.0.2, and 2.0.1, there...
CVE-2021-32066 AVG-2139 High Yes Silent downgrade
A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. Net::IMAP does not raise an exception when StartTLS fails with an...
CVE-2021-31810 AVG-2139 Medium Yes Information disclosure
A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. A malicious FTP server can use the PASV response to trick Net::FTP into...

Advisories

Date Advisory Group Severity Type
14 Jul 2021 ASA-202107-24 AVG-2139 High multiple issues