VDB
WID-SEC-W-2022-0262
WID-SEC-W-2022-0262
PUBLISHED
CVSS 8.699999809265137 HIGH
Ruby ist eine interpretierte, objektorientierte Skriptsprache.
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| HCL BigFix <10.0.10.0 | ||
| Open Source Ruby <2.1.4.1 | ||
| Open Source Ruby 2.1.4.1 | ||
| HCL BigFix 10.0.10.0 | ||
| Open Source Ruby 2.0.9.1 | ||
| SUSE Linux | ||
| Ubuntu Linux | ||
| Open Source Ruby <v1.4.3 | ||
| Gentoo Linux | ||
| Debian Linux | ||
| Open Source Ruby <2.2.3.1 | ||
| Amazon Linux 2 | ||
| Oracle Linux | ||
| Open Source Ruby <2.0.9.1 | ||
| Open Source Ruby v1.4.3 | ||
| Open Source Ruby 2.2.3.1 | ||
| Red Hat Enterprise Linux | ||
| SUSE openSUSE |
Timeline
- Jun 9, 2022 CVE Published
- May 18, 2025 CVE Updated
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0262.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0262 advisory
- https://discuss.rubyonrails.org/t/cve-2022-32209-possible-xss-vulnerability-in-rails-sanitizer/80800 url
- https://lists.suse.com/pipermail/sle-security-updates/2022-June/011366.html url
- https://hackerone.com/reports/1530898 url
- https://lists.suse.com/pipermail/sle-security-updates/2022-July/011630.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-August/011964.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-August/011985.html url
- https://lists.debian.org/debian-lts-announce/2022/09/msg00004.html url
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100982 url
- https://access.redhat.com/errata/RHSA-2022:7343 url
- https://linux.oracle.com/errata/ELSA-2022-7343.html url
- https://access.redhat.com/errata/RHSA-2022:8506 url
- https://lists.debian.org/debian-lts-announce/2022/12/msg00012.html url
- https://alas.aws.amazon.com/AL2/ALAS-2022-1895.html url
- https://access.redhat.com/errata/RHSA-2023:0632 url
- https://ubuntu.com/security/notices/USN-5896-1 url
- https://access.redhat.com/errata/RHSA-2023:1486 url
- https://lists.debian.org/debian-lts-announce/2023/09/msg00012.html url
- https://lists.debian.org/debian-security-announce/2023/msg00226.html url
…and 5 more