ruby2.7

Description: An object-oriented language for quick and easy programming, version 2.7
Version: 2.7.4-2 [community]

Open

| Group | Affected | Fixed | Severity | Status | Ticket |
| --- | --- | --- | --- | --- | --- |
| AVG-2556 | 2.7.4-2 | | Medium | Vulnerable | |

| Issue | Group | Severity | Remote | Type | Description |
| --- | --- | --- | --- | --- | --- |
| CVE-2021-41819 | AVG-2556 | Medium | Yes | Content spoofing | A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. A cookie prefix spoofing vulnerability was discovered in CGI::Cookie.parse... |
| CVE-2021-41817 | AVG-2556 | Low | Yes | Denial of service | A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. In the Ruby "date" gem before versions 3.2.1, 3.1.2, 3.0.2, and 2.0.1, there... |

Resolved

| Group | Affected | Fixed | Severity | Status | Ticket |
| --- | --- | --- | --- | --- | --- |
| AVG-2139 | 2.7.3-1 | 2.7.4-1 | High | Fixed | |

| Issue | Group | Severity | Remote | Type | Description |
| --- | --- | --- | --- | --- | --- |
| CVE-2021-32066 | AVG-2139 | High | Yes | Silent downgrade | A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. Net::IMAP does not raise an exception when StartTLS fails with an... |
| CVE-2021-31810 | AVG-2139 | Medium | Yes | Information disclosure | A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and 2.6.8. A malicious FTP server can use the PASV response to trick Net::FTP into... |

Advisories

| Date | Advisory | Group | Severity | Type |
| --- | --- | --- | --- | --- |
| 14 Jul 2021 | ASA-202107-24 | AVG-2139 | High | multiple issues |