Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
RHSA-2022:0543
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:0543
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:0543.json
JSON Data
https://api.test.osv.dev/v1/vulns/RHSA-2022:0543
Upstream
CVE-2020-36327
CVE-2021-31799
CVE-2021-31810
CVE-2021-32066
CVE-2021-41817
CVE-2021-41819
Published
2024-09-13T20:32:52Z
Modified
2025-09-11T11:48:13Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: ruby:2.6 security update
Details
References
https://access.redhat.com/errata/RHSA-2022:0543
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/6206172
https://bugzilla.redhat.com/show_bug.cgi?id=1958999
https://bugzilla.redhat.com/show_bug.cgi?id=1980126
https://bugzilla.redhat.com/show_bug.cgi?id=1980128
https://bugzilla.redhat.com/show_bug.cgi?id=1980132
https://bugzilla.redhat.com/show_bug.cgi?id=2025104
https://bugzilla.redhat.com/show_bug.cgi?id=2026757
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0543.json
https://access.redhat.com/security/cve/CVE-2020-36327
https://www.cve.org/CVERecord?id=CVE-2020-36327
https://nvd.nist.gov/vuln/detail/CVE-2020-36327
https://www.zofrex.com/blog/2021/04/29/bundler-still-vulnerable-dependency-confusion-cve-2020-36327/
https://access.redhat.com/security/cve/CVE-2021-31799
https://www.cve.org/CVERecord?id=CVE-2021-31799
https://nvd.nist.gov/vuln/detail/CVE-2021-31799
https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/
https://access.redhat.com/security/cve/CVE-2021-31810
https://www.cve.org/CVERecord?id=CVE-2021-31810
https://nvd.nist.gov/vuln/detail/CVE-2021-31810
https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/
https://access.redhat.com/security/cve/CVE-2021-32066
https://www.cve.org/CVERecord?id=CVE-2021-32066
https://nvd.nist.gov/vuln/detail/CVE-2021-32066
https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/
https://access.redhat.com/security/cve/CVE-2021-41817
https://www.cve.org/CVERecord?id=CVE-2021-41817
https://nvd.nist.gov/vuln/detail/CVE-2021-41817
https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
https://access.redhat.com/security/cve/CVE-2021-41819
https://www.cve.org/CVERecord?id=CVE-2021-41819
https://nvd.nist.gov/vuln/detail/CVE-2021-41819
Affected packages
Red Hat:enterprise_linux:8::appstream
/
rubygem-bundler-1.17.2
Package
Name
rubygem-bundler-1.17.2
Purl
pkg:rpm/redhat/rubygem-bundler
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-2.6.9
Package
Name
ruby-2.6.9
Purl
pkg:rpm/redhat/ruby
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-debuginfo-2.6.9
Package
Name
ruby-debuginfo-2.6.9
Purl
pkg:rpm/redhat/ruby-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-debugsource-2.6.9
Package
Name
ruby-debugsource-2.6.9
Purl
pkg:rpm/redhat/ruby-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-devel-2.6.9
Package
Name
ruby-devel-2.6.9
Purl
pkg:rpm/redhat/ruby-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-doc-2.6.9
Package
Name
ruby-doc-2.6.9
Purl
pkg:rpm/redhat/ruby-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-libs-2.6.9
Package
Name
ruby-libs-2.6.9
Purl
pkg:rpm/redhat/ruby-libs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
ruby-libs-debuginfo-2.6.9
Package
Name
ruby-libs-debuginfo-2.6.9
Purl
pkg:rpm/redhat/ruby-libs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-abrt-0.3.0
Package
Name
rubygem-abrt-0.3.0
Purl
pkg:rpm/redhat/rubygem-abrt
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
4.module+el8.1.0+3653+beb38eb0.src.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-abrt-doc-0.3.0
Package
Name
rubygem-abrt-doc-0.3.0
Purl
pkg:rpm/redhat/rubygem-abrt-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
4.module+el8.1.0+3653+beb38eb0.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bigdecimal-1.4.1
Package
Name
rubygem-bigdecimal-1.4.1
Purl
pkg:rpm/redhat/rubygem-bigdecimal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bigdecimal-debuginfo-1.4.1
Package
Name
rubygem-bigdecimal-debuginfo-1.4.1
Purl
pkg:rpm/redhat/rubygem-bigdecimal-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bson-4.5.0
Package
Name
rubygem-bson-4.5.0
Purl
pkg:rpm/redhat/rubygem-bson
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bson-debuginfo-4.5.0
Package
Name
rubygem-bson-debuginfo-4.5.0
Purl
pkg:rpm/redhat/rubygem-bson-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bson-debugsource-4.5.0
Package
Name
rubygem-bson-debugsource-4.5.0
Purl
pkg:rpm/redhat/rubygem-bson-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-bson-doc-4.5.0
Package
Name
rubygem-bson-doc-4.5.0
Purl
pkg:rpm/redhat/rubygem-bson-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-did_you_mean-1.3.0
Package
Name
rubygem-did_you_mean-1.3.0
Purl
pkg:rpm/redhat/rubygem-did_you_mean
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-io-console-0.4.7
Package
Name
rubygem-io-console-0.4.7
Purl
pkg:rpm/redhat/rubygem-io-console
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-io-console-debuginfo-0.4.7
Package
Name
rubygem-io-console-debuginfo-0.4.7
Purl
pkg:rpm/redhat/rubygem-io-console-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-irb-1.0.0
Package
Name
rubygem-irb-1.0.0
Purl
pkg:rpm/redhat/rubygem-irb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-json-2.1.0
Package
Name
rubygem-json-2.1.0
Purl
pkg:rpm/redhat/rubygem-json
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-json-debuginfo-2.1.0
Package
Name
rubygem-json-debuginfo-2.1.0
Purl
pkg:rpm/redhat/rubygem-json-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-minitest-5.11.3
Package
Name
rubygem-minitest-5.11.3
Purl
pkg:rpm/redhat/rubygem-minitest
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mongo-2.8.0
Package
Name
rubygem-mongo-2.8.0
Purl
pkg:rpm/redhat/rubygem-mongo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.src.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mongo-doc-2.8.0
Package
Name
rubygem-mongo-doc-2.8.0
Purl
pkg:rpm/redhat/rubygem-mongo-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mysql2-0.5.2
Package
Name
rubygem-mysql2-0.5.2
Purl
pkg:rpm/redhat/rubygem-mysql2
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mysql2-debuginfo-0.5.2
Package
Name
rubygem-mysql2-debuginfo-0.5.2
Purl
pkg:rpm/redhat/rubygem-mysql2-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mysql2-debugsource-0.5.2
Package
Name
rubygem-mysql2-debugsource-0.5.2
Purl
pkg:rpm/redhat/rubygem-mysql2-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-mysql2-doc-0.5.2
Package
Name
rubygem-mysql2-doc-0.5.2
Purl
pkg:rpm/redhat/rubygem-mysql2-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-net-telnet-0.2.0
Package
Name
rubygem-net-telnet-0.2.0
Purl
pkg:rpm/redhat/rubygem-net-telnet
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-openssl-2.1.2
Package
Name
rubygem-openssl-2.1.2
Purl
pkg:rpm/redhat/rubygem-openssl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-openssl-debuginfo-2.1.2
Package
Name
rubygem-openssl-debuginfo-2.1.2
Purl
pkg:rpm/redhat/rubygem-openssl-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-pg-1.1.4
Package
Name
rubygem-pg-1.1.4
Purl
pkg:rpm/redhat/rubygem-pg
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-pg-debuginfo-1.1.4
Package
Name
rubygem-pg-debuginfo-1.1.4
Purl
pkg:rpm/redhat/rubygem-pg-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-pg-debugsource-1.1.4
Package
Name
rubygem-pg-debugsource-1.1.4
Purl
pkg:rpm/redhat/rubygem-pg-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-pg-doc-1.1.4
Package
Name
rubygem-pg-doc-1.1.4
Purl
pkg:rpm/redhat/rubygem-pg-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.module+el8.1.0+3653+beb38eb0.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-power_assert-1.1.3
Package
Name
rubygem-power_assert-1.1.3
Purl
pkg:rpm/redhat/rubygem-power_assert
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-psych-3.1.0
Package
Name
rubygem-psych-3.1.0
Purl
pkg:rpm/redhat/rubygem-psych
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-psych-debuginfo-3.1.0
Package
Name
rubygem-psych-debuginfo-3.1.0
Purl
pkg:rpm/redhat/rubygem-psych-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.x86_64.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-rake-12.3.3
Package
Name
rubygem-rake-12.3.3
Purl
pkg:rpm/redhat/rubygem-rake
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-rdoc-6.1.2.1
Package
Name
rubygem-rdoc-6.1.2.1
Purl
pkg:rpm/redhat/rubygem-rdoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-test-unit-3.2.9
Package
Name
rubygem-test-unit-3.2.9
Purl
pkg:rpm/redhat/rubygem-test-unit
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygem-xmlrpc-0.3.0
Package
Name
rubygem-xmlrpc-0.3.0
Purl
pkg:rpm/redhat/rubygem-xmlrpc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygems-3.0.3.1
Package
Name
rubygems-3.0.3.1
Purl
pkg:rpm/redhat/rubygems
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
Red Hat:enterprise_linux:8::appstream
/
rubygems-devel-3.0.3.1
Package
Name
rubygems-devel-3.0.3.1
Purl
pkg:rpm/redhat/rubygems-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
108.module+el8.5.0+13719+08a8ba32.noarch.rpm-ruby:2
RHSA-2022:0543 - OSV