CRITICAL 9.8 CVE-2022-28738 A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2.
>= 3.0.0, < 3.0.4, >= 3.1.0, < 3.1.2
>= 2.7.0, < 2.7.7, >= 3.0.0, < 3.0.5, >= 3.1.0, < 3.1.3
>= 4.0.0, < 4.0.5
HIGH 7.5 Ruby Time component ReDoS issue
from 0, < 2.7.8
HIGH 7.5 jruby - security update
from 0, < 2.5.9, >= 2.6.0, < 2.6.7, >= 2.7.0, < 2.7.2
HIGH 7.5 There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2.
from 0, < 2.6.10, >= 2.7.0, < 2.7.6, >= 3.0.0, < 3.0.4, >= 3.1.0, < 3.1.2
HIGH 7.5 Cookie Prefix Spoofing in CGI::Cookie.parse
from 0, < 2.6.9, >= 2.7.0, < 2.7.5, >= 3.0.0, < 3.0.3
HIGH 7.5 ruby2.3 - security update
>= 2.6.0, < 2.6.9, >= 2.7.0, < 2.7.5, >= 3.0.0, < 3.0.3
HIGH 7.5 Tempfile on Windows path traversal vulnerability
from 0, < 2.7.3, >= 3.0.0, < 3.0.1
HIGH 7.5 ruby2.5 - security update
from 0, < 2.6.7, >= 2.7.0, < 2.7.3, >= 3.0.0, < 3.0.1
HIGH 7.4 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
>= 2.6.0, < 2.6.8, >= 2.7.0, < 2.7.4, >= 3.0.0, < 3.0.2
MEDIUM 6.6 An issue was discovered in Ruby 3.x through 3.3.0.
from 0, < 3.1.6, >= 3.2.0, < 3.2.6, >= 3.3.0, < 3.3.7
MEDIUM 6.5 HTTP Response Splitting in Puma
from 0, < 2.3.1, >= 2.4.0, < 2.4.8, >= 2.5.0, < 2.5.7, >= 2.6.0, < 2.6.5
MEDIUM 5.8 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
from 0, < 2.6.8, >= 2.7.0, < 2.7.4, >= 3.0.0, < 3.0.2
MEDIUM 5.3 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0.
>= 2.5.0, < 2.5.8, >= 2.6.0, < 2.6.6, >= 2.7.0, < 2.7.1