VulnerableCode Package Details - pkg:alpm/archlinux/ruby@3.0.1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/ruby@3.0.1-1

Essentials
History (3)

purl	pkg:alpm/archlinux/ruby@3.0.1-1

Next non-vulnerable version	3.0.2-1
Latest non-vulnerable version	3.0.4-1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-t9y5-hd9b-bkc4 Aliases: CVE-2021-31810 GHSA-wr95-679j-87v9	Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.	3.0.2-1 Affected by 0 other vulnerabilities.
VCID-xkby-43zv-x3f7 Aliases: CVE-2021-32066 GHSA-gx49-h5r3-q3xj	Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.	3.0.2-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-bdar-wgfe-qqgf	REXML round-trip instability The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.	CVE-2021-28965 GHSA-8cr8-4vfw-mr7h

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:25:29.775052+00:00	Arch Linux Importer	Affected by	VCID-t9y5-hd9b-bkc4	https://security.archlinux.org/AVG-2138	38.0.0
2026-04-01T18:25:29.749923+00:00	Arch Linux Importer	Affected by	VCID-xkby-43zv-x3f7	https://security.archlinux.org/AVG-2138	38.0.0
2026-04-01T18:24:17.062438+00:00	Arch Linux Importer	Fixing	VCID-bdar-wgfe-qqgf	https://security.archlinux.org/AVG-1789	38.0.0