Information on source package rubygems

Available versions

ReleaseVersion
bullseye3.2.5-2
sid3.2.5-2

Open issues

BugbullseyesidDescription
CVE-2020-36327vulnerablevulnerableBundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...

Resolved issues

BugDescription
CVE-2019-8325An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...
CVE-2019-8324An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...
CVE-2019-8323An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...
CVE-2019-8322An issue was discovered in RubyGems 2.6 and later through 3.0.2. The g ...
CVE-2019-8321An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...
CVE-2019-8320A Directory Traversal issue was discovered in RubyGems 2.7.6 and later ...
CVE-2018-1000079RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000078RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000077RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000076RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000075RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000074RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000073RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2017-0903RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possibl ...
CVE-2017-0902RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking v ...
CVE-2017-0901RubyGems version 2.6.12 and earlier fails to validate specification na ...
CVE-2017-0900RubyGems version 2.6.12 and earlier is vulnerable to maliciously craft ...
CVE-2017-0899RubyGems version 2.6.12 and earlier is vulnerable to maliciously craft ...
CVE-2015-4020RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4 ...
CVE-2015-3900RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4 ...
CVE-2013-4363Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION ...
CVE-2013-4287Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ...
CVE-2012-2126RubyGems before 1.8.23 does not verify an SSL certificate, which allow ...
CVE-2012-2125RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which m ...

Security announcements

DSA / DLADescription
DLA-1336-1rubygems - security update
DLA-1112-1rubygems - security update

Search for package or bug name: Reporting problems