Type | URI |
---|---|
MISC | https://hackerone.com/reports/1248108 |
MISC | https://security-tracker.debian.org/tracker/CVE-2022-28739 |
CONFIRM | https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/ |
Third Party Advisory | https://security.netapp.com/advisory/ntap-20220624-0002/ |
Third Party Advisory | https://support.apple.com/kb/HT213493 |
Third Party Advisory | https://support.apple.com/kb/HT213494 |
Third Party Advisory | https://support.apple.com/kb/HT213488 |
Mailing List | http://seclists.org/fulldisclosure/2022/Oct/41 |
MISC | http://seclists.org/fulldisclosure/2022/Oct/28 |
MISC | http://seclists.org/fulldisclosure/2022/Oct/29 |
MISC | http://seclists.org/fulldisclosure/2022/Oct/42 |
MISC | http://seclists.org/fulldisclosure/2022/Oct/30 |
MISC | https://lists.debian.org/debian-lts-announce/2023/06/msg00012.html |
cve@mitre.org | https://security.gentoo.org/glsa/202401-27 |

CPE URI | Source package | Min version | Max version |
---|---|---|---|
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | ruby | >= 3.1.0 | < 3.1.2 |
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | ruby | >= 3.0.0 | < 3.0.4 |
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | ruby | >= 2.7.0 | < 2.7.6 |
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | ruby | >= None | < 2.6.10 |

Source package | Branch | Version | Maintainer | Status |
---|---|---|---|---|
ruby | 3.13-main | 2.7.6-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
ruby | 3.12-main | 2.7.6-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |