VDB
MGASA-2017-0371
MGASA-2017-0371
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Updated ruby packages fix security vulnerabilities
Risk Scores
CVSS v4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia:6 | ruby-json | 0, 0 |
| Mageia:5 | ruby-json | 0, 0 |
| Mageia:6 | ruby | 0, 0 |
| Mageia:5 | ruby | 0, 0 |
Timeline
- Oct 18, 2017 CVE Published
- Apr 16, 2026 CVE Updated
References
- https://advisories.mageia.org/MGASA-2017-0371.html advisory
- https://bugs.mageia.org/show_bug.cgi?id=21678 report
- https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/ url
- https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/ url
- https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/ url
- https://www.ruby-lang.org/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/ url
- https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UFJE2REXNRTPGIHSNPRSAWTVCLFMRJZT/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/65IMHHGWAQTSEIF7HZMQVPVRGFTO7YA3/ url