RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Rubygems | Rubygems | * | 2.2.9 (including) |
| Jruby | Ubuntu | artful | * |
| Jruby | Ubuntu | bionic | * |
| Jruby | Ubuntu | cosmic | * |
| Jruby | Ubuntu | trusty | * |
| Jruby | Ubuntu | trusty/esm | * |
| Jruby | Ubuntu | xenial | * |
| Ruby1.9.1 | Ubuntu | trusty | * |
| Ruby2.0 | Ubuntu | trusty | * |
| Ruby2.3 | Ubuntu | artful | * |
| Ruby2.3 | Ubuntu | xenial | * |
| Ruby2.5 | Ubuntu | bionic | * |
| Ruby2.5 | Ubuntu | cosmic | * |
| Ruby2.5 | Ubuntu | disco | * |
| Ruby2.5 | Ubuntu | eoan | * |
| Red Hat Enterprise Linux 7 | RedHat | ruby-0:2.0.0.648-36.el7 | * |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | RedHat | ruby-0:2.0.0.648-35.el7_4 | * |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | RedHat | ruby-0:2.0.0.648-35.el7_4 | * |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | RedHat | ruby-0:2.0.0.648-35.el7_4 | * |
| Red Hat Enterprise Linux 7.5 Extended Update Support | RedHat | ruby-0:2.0.0.648-35.el7_5 | * |
| Red Hat Enterprise Linux 7.6 Extended Update Support | RedHat | ruby-0:2.0.0.648-36.el7_6 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | rh-ruby23-ruby-0:2.3.8-69.el6 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | rh-ruby24-ruby-0:2.4.5-91.el6 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |