It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. (CVE-2019-15845)
It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. (CVE-2019-16201)
It was discovered that Ruby incorrectly handled certain HTTP headers. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-16254)
It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-16255)
{ "availability": "No subscription required", "binaries": [ { "libruby2.3-dbgsym": "2.3.1-2~ubuntu16.04.14", "ruby2.3-tcltk": "2.3.1-2~ubuntu16.04.14", "ruby2.3-dev-dbgsym": "2.3.1-2~ubuntu16.04.14", "libruby2.3-dbg": "2.3.1-2~ubuntu16.04.14", "ruby2.3-dev": "2.3.1-2~ubuntu16.04.14", "ruby2.3-dbgsym": "2.3.1-2~ubuntu16.04.14", "libruby2.3": "2.3.1-2~ubuntu16.04.14", "ruby2.3-tcltk-dbgsym": "2.3.1-2~ubuntu16.04.14", "ruby2.3": "2.3.1-2~ubuntu16.04.14", "ruby2.3-doc": "2.3.1-2~ubuntu16.04.14" } ] }