VDB
RHSA-2019%3A2565
RHSA-2019%3A2565
PUBLISHED
CVSS 7.5 HIGH
Red Hat Security Advisory: ruby security update
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:rhel_eus:7.5::server | rubygems | 0, 0 |
| Red Hat:rhel_eus:7.5::server | ruby-irb | 0, 0 |
| Red Hat:rhel_eus:7.5::server | ruby | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby-devel | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby-irb | 0, 0 |
| Red Hat:rhel_eus:7.5::server | rubygem-rake | 0, 0 |
| Red Hat:rhel_eus:7.5::server | ruby-devel | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygem-json | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby-doc | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygem-psych | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygems-devel | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygem-minitest | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygem-io-console | 0, 0 |
| Red Hat:rhel_eus:7.5::server | ruby-tcltk | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby-tcltk | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | rubygem-bigdecimal | 0, 0 |
| Red Hat:rhel_eus:7.5::computenode | ruby-debuginfo | 0, 0 |
| Red Hat:rhel_eus:7.5::server | rubygem-minitest | 0, 0 |
| Red Hat:rhel_eus:7.5::server | rubygem-io-console | 0, 0 |
…and 12 more
Timeline
- Aug 27, 2019 CVE Published
- Nov 21, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2019:2565 advisory
- https://access.redhat.com/security/updates/classification/#important article
- https://bugzilla.redhat.com/show_bug.cgi?id=1643086 report
- https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2565.json advisory
- https://access.redhat.com/security/cve/CVE-2018-16395 report
- https://www.cve.org/CVERecord?id=CVE-2018-16395 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2018-16395 advisory
- https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/ article