VDB
RHSA-2017%3A3485
RHSA-2017%3A3485
PUBLISHED
CVSS 7.5 HIGH
Red Hat Security Advisory: rh-ruby24-ruby security, bug fix, and enhancement update
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-ruby-debuginfo | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-minitest | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-ruby-doc | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-rdoc | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-xmlrpc | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-ruby-irb | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-net-telnet | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-json | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-ruby-devel | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-psych | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-power_assert | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-bigdecimal | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-net-telnet | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-json | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-xmlrpc | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-did_you_mean | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-openssl | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygem-minitest | 0, 0 |
| Red Hat:rhel_software_collections:3::el6 | rh-ruby24-rubygem-did_you_mean | 0, 0 |
| Red Hat:rhel_software_collections:3::el7 | rh-ruby24-rubygems-devel | 0, 0 |
…and 22 more
Timeline
- Dec 19, 2017 CVE Published
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2017:3485 advisory
- https://access.redhat.com/security/updates/classification/#moderate article
- https://bugzilla.redhat.com/show_bug.cgi?id=1487552 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1487587 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1487588 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1487589 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1487590 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1492012 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1492015 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1500488 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1506785 report
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3485.json advisory
- https://access.redhat.com/security/cve/CVE-2017-0898 report
- https://www.cve.org/CVERecord?id=CVE-2017-0898 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-0898 advisory
- https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/ article
- https://access.redhat.com/security/cve/CVE-2017-0899 report
- https://www.cve.org/CVERecord?id=CVE-2017-0899 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-0899 advisory
- http://blog.rubygems.org/2017/08/27/2.6.13-released.html article
…and 21 more