Description
rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code.
ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?.
ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication.
ruby: Code injection via command argument of Shell#test / Shell#[].
rubygem-json: Unsafe object creation vulnerability in JSON.
ruby: BasicSocket#read_nonblock method leads to information disclosure.
ruby: Potential HTTP request smuggling in WEBrick.
ruby: XML round-trip vulnerability in REXML.
ruby: HTTP response splitting in WEBrick.
Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] (BZ#1954968).