RHSA-2018:0583
Advisory lineage Upstream: 13 Downstream: 0
Published: 13 Sept 2024, 14:43
Last modified:19 May 2026, 10:01
Vulnerability Summary
Overall Risk (default)
medium
32/100 CVSS Score
8.1 HIGH
3.0 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 Sept 2024, 14:43
Published
Vulnerability first disclosed
19 May 2026, 10:01
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: rh-ruby22-ruby security, bug fix, and enhancement update
CVSS Metrics
- v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•rh-ruby22-ruby
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-debuginfo
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-devel
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-doc
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-irb
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-libs
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-ruby-tcltk
< 0:2.2.9-19.el6 | < 0:2.2.9-19.el7
- redhat•rh-ruby22-rubygem-bigdecimal
< 0:1.2.6-19.el6 | < 0:1.2.6-19.el7
- redhat•rh-ruby22-rubygem-io-console
< 0:0.4.3-19.el6 | < 0:0.4.3-19.el7
- redhat•rh-ruby22-rubygem-json
< 0:1.8.1.1-19.el6 | < 0:1.8.1.1-19.el7
- redhat•rh-ruby22-rubygem-minitest
< 0:5.4.3-19.el6 | < 0:5.4.3-19.el7
- redhat•rh-ruby22-rubygem-power_assert
< 0:0.2.2-19.el6 | < 0:0.2.2-19.el7
- redhat•rh-ruby22-rubygem-psych
< 0:2.0.8.1-19.el6 | < 0:2.0.8.1-19.el7
- redhat•rh-ruby22-rubygem-rake
< 0:10.4.2-19.el6 | < 0:10.4.2-19.el7
- redhat•rh-ruby22-rubygem-rdoc
< 0:4.2.0-19.el6 | < 0:4.2.0-19.el7
- redhat•rh-ruby22-rubygem-test-unit
< 0:3.0.8-19.el6 | < 0:3.0.8-19.el7
- redhat•rh-ruby22-rubygems
< 0:2.4.5.4-19.el6 | < 0:2.4.5.4-19.el7
- redhat•rh-ruby22-rubygems-devel
< 0:2.4.5.4-19.el6 | < 0:2.4.5.4-19.el7
References (62)
- https://access.redhat.com/errata/RHSA-2018:0583
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=1248935
- https://bugzilla.redhat.com/show_bug.cgi?id=1487552
- https://bugzilla.redhat.com/show_bug.cgi?id=1487587
- https://bugzilla.redhat.com/show_bug.cgi?id=1487588
- https://bugzilla.redhat.com/show_bug.cgi?id=1487589
- https://bugzilla.redhat.com/show_bug.cgi?id=1487590
- https://bugzilla.redhat.com/show_bug.cgi?id=1491866
- https://bugzilla.redhat.com/show_bug.cgi?id=1492012
- https://bugzilla.redhat.com/show_bug.cgi?id=1492015
- https://bugzilla.redhat.com/show_bug.cgi?id=1500488
- https://bugzilla.redhat.com/show_bug.cgi?id=1526189
- https://bugzilla.redhat.com/show_bug.cgi?id=1528218
- https://bugzilla.redhat.com/show_bug.cgi?id=1549646
- https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0583.json
- https://access.redhat.com/security/cve/CVE-2009-5147
- https://www.cve.org/CVERecord?id=CVE-2009-5147
- https://nvd.nist.gov/vuln/detail/CVE-2009-5147
- https://access.redhat.com/security/cve/CVE-2015-7551
- https://www.cve.org/CVERecord?id=CVE-2015-7551
- https://nvd.nist.gov/vuln/detail/CVE-2015-7551
- https://access.redhat.com/security/cve/CVE-2017-0898
- https://www.cve.org/CVERecord?id=CVE-2017-0898
- https://nvd.nist.gov/vuln/detail/CVE-2017-0898
- https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
- https://access.redhat.com/security/cve/CVE-2017-0899
- https://www.cve.org/CVERecord?id=CVE-2017-0899
- https://nvd.nist.gov/vuln/detail/CVE-2017-0899
- http://blog.rubygems.org/2017/08/27/2.6.13-released.html
- https://access.redhat.com/security/cve/CVE-2017-0900
- https://www.cve.org/CVERecord?id=CVE-2017-0900
- https://nvd.nist.gov/vuln/detail/CVE-2017-0900
- https://access.redhat.com/security/cve/CVE-2017-0901
- https://www.cve.org/CVERecord?id=CVE-2017-0901
- https://nvd.nist.gov/vuln/detail/CVE-2017-0901
- https://access.redhat.com/security/cve/CVE-2017-0902
- https://www.cve.org/CVERecord?id=CVE-2017-0902
- https://nvd.nist.gov/vuln/detail/CVE-2017-0902
- https://access.redhat.com/security/cve/CVE-2017-0903
- https://www.cve.org/CVERecord?id=CVE-2017-0903
- https://nvd.nist.gov/vuln/detail/CVE-2017-0903
- http://blog.rubygems.org/2017/10/09/2.6.14-released.html
- https://access.redhat.com/security/cve/CVE-2017-10784
- https://www.cve.org/CVERecord?id=CVE-2017-10784
- https://nvd.nist.gov/vuln/detail/CVE-2017-10784
- https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
- https://access.redhat.com/security/cve/CVE-2017-14033
- https://www.cve.org/CVERecord?id=CVE-2017-14033
- https://nvd.nist.gov/vuln/detail/CVE-2017-14033
- https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
- https://access.redhat.com/security/cve/CVE-2017-14064
- https://www.cve.org/CVERecord?id=CVE-2017-14064
- https://nvd.nist.gov/vuln/detail/CVE-2017-14064
- https://www.ruby-lang.org/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/
- https://access.redhat.com/security/cve/CVE-2017-17405
- https://www.cve.org/CVERecord?id=CVE-2017-17405
- https://nvd.nist.gov/vuln/detail/CVE-2017-17405
- https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/
- https://access.redhat.com/security/cve/CVE-2017-17790
- https://www.cve.org/CVERecord?id=CVE-2017-17790
- https://nvd.nist.gov/vuln/detail/CVE-2017-17790