Description
rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source.
ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?.
ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication.
ruby: Code injection via command argument of Shell#test / Shell#[].
rubygem-json: Unsafe object creation vulnerability in JSON.
ruby: BasicSocket#read_nonblock method leads to information disclosure.
ruby: Potential HTTP request smuggling in WEBrick.
ruby: XML round-trip vulnerability in REXML.
rubygem-rdoc: Command injection vulnerability in RDoc.
ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host.
ruby: StartTLS stripping vulnerability in Net::IMAP.
ruby: Regular expression denial of service vulnerability of Date parsing methods.
ruby: Cookie prefix spoofing in CGI::Cookie.parse.
ruby: HTTP response splitting in WEBrick.