Ubuntu 22.04: RubyGems Potential ReDoS Vulnerability USN-7747-2

ubuntu
September 15, 2025
Ubuntu Security Notice USN-7747-1 highlights a RubyGems issue that could lead to resource consumption and ReDoS.

Summary

RubyGems could be made to consume resources if it received specially
crafted input.

Software Description:

- rubygems: package management framework for Ruby libraries/applications

Details:

It was discovered that RubyGems incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause RubyGems to
consume resources, leading to a regular expression denial of service
(ReDoS).

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  ruby-bundler                    2.3.5-2ubuntu1.2

In general, a standard system update will make all the necessary changes.
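
To confirm that a host has actually picked up the fix, the following added example (not part of the Ubuntu notice) compares the installed ruby-bundler version with the fixed version listed above. The function names are hypothetical, and the `sort -V` fallback is an assumption for hosts without dpkg.

```shell
#!/bin/sh
# Added example: check whether ruby-bundler is at or above the fixed
# version this notice lists for Ubuntu 22.04 LTS.

PACKAGE="ruby-bundler"            # package name from the notice
FIXED_VERSION="2.3.5-2ubuntu1.2"  # fixed version from the notice

# version_ge A B: succeed when version A >= version B.
# Uses dpkg's own Debian version ordering when dpkg is present. The
# fallback to `sort -V` is an assumption: it only approximates Debian
# ordering, which is adequate for plain versions like the ones here.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
    fi
}

# installed_version: print the version of PACKAGE only when it is fully
# installed. Packages that were removed but still have configuration
# files on disk are skipped, so they are not reported as vulnerable.
installed_version() {
    dpkg-query -W -f='${db:Status-Status} ${Version}\n' "$PACKAGE" 2>/dev/null |
        awk '$1 == "installed" { print $2 }'
}

# classify VERSION: print not-installed, patched or vulnerable.
classify() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif version_ge "$1" "$FIXED_VERSION"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

current="$(installed_version)"
echo "$PACKAGE ${current:-<none>}: $(classify "$current") (fixed in $FIXED_VERSION)"
```

A result of `vulnerable` means the standard system update has not yet been applied on that host.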

References

https://ubuntu.com/security/notices/USN-7747-1

CVE-2023-36617

Severity
important
