It was discovered that Ruby incorrectly handled certain IO stream methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-27280) It was discovered that the Ruby regex compiler incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive memory contents. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-27282) It was discovered that Ruby incorrectly handled parsing of certain XML characters through the REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-35176) It was discovered that Ruby incorrectly handled decompressed domain names within a DNS packet. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. (CVE-2025-24294)
Continue reading...
Continue reading...
