VulnerableCode Package Details - pkg:rpm/redhat/rh-ruby27-ruby@2.7.8-132?arch=el7

Search for packages

Vulnerability	Summary	Fixed by
VCID-9g2w-sc9w-eyce Aliases: CVE-2021-33621 GHSA-vc47-6rqg-c7f5	Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.	There are no reported fixed by versions.
VCID-9x9w-2k98-wydm Aliases: CVE-2023-28756 GHSA-fg7x-g82r-94qc	Ruby Time component ReDoS issue A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.	There are no reported fixed by versions.
VCID-uxdx-abx7-fkdy Aliases: CVE-2023-28755 GHSA-hv5j-3h9f-99c2	Ruby URI component ReDoS issue A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-9g2w-sc9w-eyce
Aliases:
CVE-2021-33621
GHSA-vc47-6rqg-c7f5

Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.

There are no reported fixed by versions.

VCID-9x9w-2k98-wydm
Aliases:
CVE-2023-28756
GHSA-fg7x-g82r-94qc

Ruby Time component ReDoS issue A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

There are no reported fixed by versions.

VCID-uxdx-abx7-fkdy
Aliases:
CVE-2023-28755
GHSA-hv5j-3h9f-99c2

Ruby URI component ReDoS issue A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:56:17.680623+00:00	RedHat Importer	Affected by	VCID-9g2w-sc9w-eyce	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33621.json	38.0.0
2026-04-01T13:54:41.899057+00:00	RedHat Importer	Affected by	VCID-9x9w-2k98-wydm	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28756.json	38.0.0
2026-04-01T13:54:41.841353+00:00	RedHat Importer	Affected by	VCID-uxdx-abx7-fkdy	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28755.json	38.0.0