Site icon API Security Blog

ALSA-2022:5779: ruby:2.5 security update (Moderate)

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
Security Fix(es):
* ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)
* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Read More

Exit mobile version