Bugs fixes in "ruby2.7"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-27221 | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials | 2025-04-07 |
| CVE | CVE-2025-27220 | In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. | 2025-04-07 |
| CVE | CVE-2025-27219 | In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The | 2025-04-07 |
| CVE | CVE-2025-27221 | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials | 2025-04-07 |
| CVE | CVE-2025-27220 | In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. | 2025-04-07 |
| CVE | CVE-2025-27219 | In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The | 2025-04-07 |
| Launchpad | 2097527 | ruby2.7 2.7.0-5ubuntu1.16 regression: REXML parse error with \ | 2025-02-13 |
| Launchpad | 2097527 | ruby2.7 2.7.0-5ubuntu1.16 regression: REXML parse error with \ | 2025-02-13 |
| CVE | CVE-2024-43398 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same | 2025-02-06 |
| CVE | CVE-2024-43398 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same | 2025-02-06 |
| CVE | CVE-2024-41123 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters suc | 2024-11-21 |
| CVE | CVE-2024-39908 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters suc | 2024-11-21 |
| CVE | CVE-2024-49761 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x... | 2024-11-21 |
| CVE | CVE-2024-41946 | REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull | 2024-11-21 |
| CVE | CVE-2024-35176 | REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an att | 2024-11-21 |
| CVE | CVE-2024-41123 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters suc | 2024-11-21 |
| CVE | CVE-2024-39908 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters suc | 2024-11-21 |
| CVE | CVE-2024-49761 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x... | 2024-11-21 |
| CVE | CVE-2024-41946 | REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull | 2024-11-21 |
| CVE | CVE-2024-35176 | REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an att | 2024-11-21 |
About
-
Send Feedback to @ubuntu_updates
