Package details: pkg:ruby/ruby@2.7
purl pkg:ruby/ruby@2.7
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-2sv2-6snv-2bd3
Aliases:
CVE-2022-28739
GHSA-mvgc-rxvg-hqc6
Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. There are no reported fixed by versions.
VCID-3d14-jf3q-xqbf
Aliases:
CVE-2020-10933
GHSA-g5hm-28jr-53fh
ruby: BasicSocket#read_nonblock method leads to information disclosure. There are no reported fixed by versions.
VCID-5fqj-uwnz-93af
Aliases:
CVE-2019-15845
Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. There are no reported fixed by versions.
VCID-d6tn-s1q2-a3hc
Aliases:
CVE-2020-10663
GHSA-jphg-qwrw-7w9g
Unsafe object creation in json RubyGem. The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269/GHSA-x457-cw4h-hq5f, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. There are no reported fixed by versions.
VCID-f6d8-e8tp-c3am
Aliases:
CVE-2019-16255
GHSA-ph7w-p94x-9vvw
Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. There are no reported fixed by versions.
VCID-kp26-vpgn-k7az
Aliases:
CVE-2019-16201
Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. There are no reported fixed by versions.
VCID-qwh3-25yu-qfga
Aliases:
CVE-2022-28738
GHSA-8pqg-8p79-j5j8
Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. There are no reported fixed by versions.
VCID-t9y5-hd9b-bkc4
Aliases:
CVE-2021-31810
GHSA-wr95-679j-87v9
Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. There are no reported fixed by versions.
VCID-xkby-43zv-x3f7
Aliases:
CVE-2021-32066
GHSA-gx49-h5r3-q3xj
Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. There are no reported fixed by versions.
VCID-y56y-5am7-wkhr
Aliases:
CVE-2019-16254
GHSA-w9fp-2996-hhwx
Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T15:18:13.710832+00:00 Ruby Importer Affected by VCID-d6tn-s1q2-a3hc https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2020-10663.yml 38.0.0
2026-04-01T15:18:13.125123+00:00 Ruby Importer Affected by VCID-xkby-43zv-x3f7 https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2021-32066.yml 38.0.0
2026-04-01T15:18:12.919317+00:00 Ruby Importer Affected by VCID-f6d8-e8tp-c3am https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2019-16255.yml 38.0.0
2026-04-01T15:18:12.697978+00:00 Ruby Importer Affected by VCID-2sv2-6snv-2bd3 https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2022-28739.yml 38.0.0
2026-04-01T15:18:12.289120+00:00 Ruby Importer Affected by VCID-t9y5-hd9b-bkc4 https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2021-31810.yml 38.0.0
2026-04-01T15:18:12.057176+00:00 Ruby Importer Affected by VCID-3d14-jf3q-xqbf https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2020-10933.yml 38.0.0
2026-04-01T15:18:11.818165+00:00 Ruby Importer Affected by VCID-qwh3-25yu-qfga https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2022-28738.yml 38.0.0
2026-04-01T15:18:11.712113+00:00 Ruby Importer Affected by VCID-y56y-5am7-wkhr https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2019-16254.yml 38.0.0
2026-04-01T15:18:11.521321+00:00 Ruby Importer Affected by VCID-kp26-vpgn-k7az https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2019-16201.yml 38.0.0
2026-04-01T15:18:10.783204+00:00 Ruby Importer Affected by VCID-5fqj-uwnz-93af https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2019-15845.yml 38.0.0