It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdoc_options file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-27281)
It was discovered that the Ruby regex compiler incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive memory contents. (CVE-2024-27282)
{ "availability": "No subscription required", "binaries": [ { "ruby2.7-doc": "2.7.0-5ubuntu1.13", "ruby2.7-dbgsym": "2.7.0-5ubuntu1.13", "ruby2.7": "2.7.0-5ubuntu1.13", "libruby2.7": "2.7.0-5ubuntu1.13", "libruby2.7-dbgsym": "2.7.0-5ubuntu1.13", "ruby2.7-dev": "2.7.0-5ubuntu1.13" } ] }
{ "availability": "No subscription required", "binaries": [ { "ruby3.2-dbgsym": "3.2.3-1ubuntu0.24.04.1", "ruby3.2-doc": "3.2.3-1ubuntu0.24.04.1", "libruby3.2": "3.2.3-1ubuntu0.24.04.1", "ruby3.2-dev": "3.2.3-1ubuntu0.24.04.1", "ruby3.2": "3.2.3-1ubuntu0.24.04.1", "libruby3.2-dbgsym": "3.2.3-1ubuntu0.24.04.1" } ] }