Zowongolera zowongolera chilankhulo cha pulogalamu ya Ruby 3.1.2, 3.0.4, 2.7.6, 2.6.10 zidapangidwa, momwe ziwopsezo ziwiri zidachotsedwa:
- CVE-2022-28738 ndi kachidindo kopanda mawu kawiri kawiri kamene kamapezeka pamene chingwe chopangidwa chimadutsa popanga chinthu cha Regexp. Kusatetezeka kungagwiritsidwe ntchito pogwiritsa ntchito deta yakunja yosadalirika mu chinthu cha Regexp.
- CVE-2022-28739 - Buffer kusefukira mu zingwe-to-float conversion code. Chiwopsezochi chitha kugwiritsidwa ntchito kuti mupeze zomwe zili m'makumbukidwe mukakonza deta yosadalirika yakunja m'njira monga Kernel#Float ndi String#to_f.
Source: opennet.ru