|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for ruby2.5 (DSA-4721-1)|
|Summary:||The remote host is missing an update for the 'ruby2.5'; package(s) announced via the DSA-4721-1 advisory.|
The remote host is missing an update for the 'ruby2.5'
package(s) announced via the DSA-4721-1 advisory.
Several vulnerabilities have been discovered in the interpreter for the
Jeremy Evans reported an unsafe object creation vulnerability in the
json gem bundled with Ruby. When parsing certain JSON documents, the
json gem can be coerced into creating arbitrary objects in the
Samuel Williams reported a flaw in the socket library which may lead
to exposure of possibly sensitive data from the interpreter.
'ruby2.5' package(s) on Debian Linux.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your ruby2.5 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-10663|
Common Vulnerability Exposure (CVE) ID: CVE-2020-10933
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.