There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-10784.
Posted by usa on 14 Sep 2017
There is a buffer underrun vulnerability in the sprintf method of Kernel module.
This vulnerability has been assigned the CVE identifier CVE-2017-0898.
Posted by usa on 14 Sep 2017
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details.
Posted by usa on 14 Sep 2017
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033.
Posted by usa on 14 Sep 2017
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064.
Posted by usa on 14 Sep 2017
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes.
Posted by nagachika on 14 Sep 2017