CVE-2021-41816

Published: 06/02/2022 Updated: 24/01/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

CGI.escape_html in Ruby prior to 2.7.5 and 3.x prior to 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem prior to 0.3.1 for Ruby.

Vulnerable Product

ruby-lang cgi

fedoraproject fedora 34

fedoraproject fedora 35

Vendor Advisories

Debian Bug report logs - #1002995 ruby3.0: CVE-2021-41816 CVE-2021-41817 CVE-2021-41819 Package: src:ruby3.0; Maintainer for src:ruby3.0 is Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 2 Jan 2022 14:18:01 UTC Severity: grave ...

Synopsis: Moderate: rh-ruby27-ruby security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Sec ...

Synopsis: Moderate: rh-ruby30-ruby security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-ruby30-ruby is now available for Red Hat Software Collections. Red Hat Product Sec ...

Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result in information disclosure or denial of service. For the stable distribution (bullseye), these problems have been fixed in version 2.7.4-1+deb11u1. We recommend that you upgrade your ruby2.7 packages. For the detailed sec ...

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby. (CVE-2021-41816) A flaw was found in ruby, where the date object was found to be ...

A security issue has been found in Ruby before versions 3.0.3 and 2.7.5. A buffer overrun vulnerability was discovered in the cgi gem before versions 0.3.1, 0.2.1 and 0.1.1 when you pass a very large string (> 700 MB) to CGI.escape_html on a platform where long type takes 4 bytes, typically, Windows ...