{"id":"MGASA-2022-0143","summary":"Updated ruby packages fix security vulnerability","details":"Double free in Regexp compilation (CVE-2022-28738).\nA buffer overrun was found in String-to-Float conversion (CVE-2022-28739).\n","modified":"2026-02-01T20:49:35.786956Z","published":"2022-04-15T21:35:09Z","related":["CVE-2022-28738","CVE-2022-28739"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0143.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30278"},{"type":"REPORT","url":"http://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/"}],"affected":[{"package":{"name":"ruby","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/ruby?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.6-33.4.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0143.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}