VulnerableCode Package Details - pkg:rpm/redhat/rh-ruby30-ruby@3.0.4-149?arch=el7

Search for packages

Vulnerability	Summary	Fixed by
VCID-1vp9-6q85-5ffv Aliases: CVE-2021-41819 GHSA-4vf4-qmvg-mh7h	Reliance on Cookies without Validation and Integrity Checking in a Security Decision CGI::Cookie.parse in Ruby mishandles security prefixes in cookie names. This also affects the CGI gem for Ruby.	There are no reported fixed by versions.
VCID-2sv2-6snv-2bd3 Aliases: CVE-2022-28739 GHSA-mvgc-rxvg-hqc6	Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.	There are no reported fixed by versions.
VCID-gfjn-m9zp-57c5 Aliases: CVE-2021-41816 GHSA-5cqm-crxm-6qpv GMS-2021-17	Duplicate This advisory duplicates another.	There are no reported fixed by versions.
VCID-mkq9-21q7-6kg6 Aliases: CVE-2021-41817 GHSA-qg54-694p-wgpp	Regular expression denial of service vulnerability (ReDoS) in date Date includes a ReDoS vulnerability.	There are no reported fixed by versions.
VCID-qwh3-25yu-qfga Aliases: CVE-2022-28738 GHSA-8pqg-8p79-j5j8	Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-1vp9-6q85-5ffv
Aliases:
CVE-2021-41819
GHSA-4vf4-qmvg-mh7h

Reliance on Cookies without Validation and Integrity Checking in a Security Decision CGI::Cookie.parse in Ruby mishandles security prefixes in cookie names. This also affects the CGI gem for Ruby.