ruby2.7
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | An object-oriented language for quick and easy programming, version 2.7 |
Version | 2.7.8-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-2556 | 2.7.4-2 | 2.7.5-1 | Medium | Fixed | |
AVG-2139 | 2.7.3-1 | 2.7.4-1 | High | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2021-41819 | AVG-2556 | Medium | Yes | Content spoofing | A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. A cookie prefix spoofing vulnerability was discovered in CGI::Cookie.parse... |
CVE-2021-41817 | AVG-2556 | Low | Yes | Denial of service | A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. In the Ruby "date" gem before versions 3.2.1, 3.1.2, 3.0.2, and 2.0.1, there... |
CVE-2021-32066 | AVG-2139 | High | Yes | Silent downgrade | A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. Net::IMAP does not raise an exception when StartTLS fails with an... |
CVE-2021-31810 | AVG-2139 | Medium | Yes | Information disclosure | A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. A malicious FTP server can use the PASV response to trick Net::FTP into... |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
14 Jul 2021 | ASA-202107-24 | AVG-2139 | High | multiple issues |