Information on source package ruby2.7

Available versions

ReleaseVersion
bullseye2.7.4-1+deb11u1

Open issues

BugbullseyeDescription
CVE-2023-28756vulnerableA ReDoS issue was discovered in the Time component through 0.2.1 in Ru ...
CVE-2023-28755vulnerableA ReDoS issue was discovered in the URI component through 0.12.0 in Ru ...
CVE-2022-28739vulnerable (no DSA, postponed)There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ...
CVE-2021-33621vulnerable (no DSA)The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 ...

Resolved issues

BugDescription
CVE-2023-36617A ReDoS issue was discovered in the URI component before 0.12.2 for Ru ...
CVE-2022-28738A double free was found in the Regexp compiler in Ruby 3.x before 3.0. ...
CVE-2021-41819CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ...
CVE-2021-41817Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regula ...
CVE-2021-41816CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integ ...
CVE-2021-32066An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...
CVE-2021-31810An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...
CVE-2021-31799In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby throug ...
CVE-2021-28966In Ruby through 3.0 on Windows, a remote attacker can submit a crafted ...
CVE-2021-28965The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, a ...
CVE-2020-25613An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, an ...
CVE-2020-10933An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6 ...
CVE-2020-10663The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9 ...

Security announcements

DSA / DLADescription
DSA-5067-1ruby2.7 - security update

Search for package or bug name: Reporting problems