{"id":"CLSA-2025-1759222758","summary":"ruby: Fix of 4 CVEs","details":"- CVE-2016-2337: Fix type confusion in _cancel_eval Ruby's TclTkIp class method\n  to prevent arbitrary code execution\n- CVE-2017-9224: Fix stack out-of-bounds read in match_at() during regular\n  expression searching\n- CVE-2017-9227: Fix stack out-of-bounds read in mbc_enc_len() and invalid\n  pointer dereference in  forward_search_range()\n- CVE-2017-9228: Fix heap out-of-bounds write in bitset_set_range() and\n  parse_char_class() by initializing critical local variable","modified":"2026-05-27T11:18:23.889886501Z","published":"2025-09-30T08:59:21Z","upstream":["CVE-2016-2337","CVE-2017-9224","CVE-2017-9227","CVE-2017-9228"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos7els/CLSA-2025-1759222758.html"}],"affected":[{"package":{"name":"ruby","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"ruby-devel","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby-devel?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"ruby-doc","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby-doc?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"ruby-irb","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby-irb?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"ruby-libs","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby-libs?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"ruby-tcltk","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/ruby-tcltk?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0.648-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-bigdecimal","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-bigdecimal?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-io-console","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-io-console?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.2-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-json","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-json?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.7-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-minitest","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-minitest?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.2-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-psych","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-psych?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-rake","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-rake?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.6-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygem-rdoc","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygem-rdoc?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.0.0-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygems","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygems?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.14.1-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}},{"package":{"name":"rubygems-devel","ecosystem":"TuxCare:CentOS:7","purl":"pkg:rpm/tuxcare/rubygems-devel?distro=centos-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.14.1-39.el7_9.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2025-1759222758.json"}}],"schema_version":"1.7.5"}