virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in ruby RHSA-2021:3020

description-logoDescription

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327) rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799) ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810) ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066) rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327) rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799) ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810) ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258

affected-products-logoAffected Applications

ruby

CVE References

CVE-2021-31799 CVE-2021-32066 CVE-2021-31810 CVE-2020-36327

Other References

https://access.redhat.com/errata/RHSA-2021:3020
ID 68748
Created Aug 07, 2021
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application ruby