SUSE-SU-2026:1066-1
Vulnerability from csaf_suse - Published: 2026-03-26 10:38 - Updated: 2026-03-26 10:38Summary
Security update for ruby2.5
Severity
Important
Notes
Title of the patch: Security update for ruby2.5
Description of the patch: This update for ruby2.5 fixes the following issues:
- CVE-2024-49761: ReDoS vulnerability in REXML gem (bsc#1232440 bsc#1232441).
- CVE-2025-58767: denial of service when parsing XML containing multiple XML declarations (bsc#1250016).
- CVE-2026-27820: insufficient checks in `zstream_buffer_ungets` can lead to a buffer overflow (bsc#1259239).
Patchnames: SUSE-2026-1066,SUSE-SLE-Module-Basesystem-15-SP7-2026-1066
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ruby2.5",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ruby2.5 fixes the following issues:\n\n- CVE-2024-49761: ReDoS vulnerability in REXML gem (bsc#1232440 bsc#1232441).\n- CVE-2025-58767: denial of service when parsing XML containing multiple XML declarations (bsc#1250016).\n- CVE-2026-27820: insufficient checks in `zstream_buffer_ungets` can lead to a buffer overflow (bsc#1259239).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1066,SUSE-SLE-Module-Basesystem-15-SP7-2026-1066",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1066-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1066-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261066-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1066-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024943.html"
},
{
"category": "self",
"summary": "SUSE Bug 1232440",
"url": "https://bugzilla.suse.com/1232440"
},
{
"category": "self",
"summary": "SUSE Bug 1232441",
"url": "https://bugzilla.suse.com/1232441"
},
{
"category": "self",
"summary": "SUSE Bug 1250016",
"url": "https://bugzilla.suse.com/1250016"
},
{
"category": "self",
"summary": "SUSE Bug 1259239",
"url": "https://bugzilla.suse.com/1259239"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27820 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27820/"
}
],
"title": "Security update for ruby2.5",
"tracking": {
"current_release_date": "2026-03-26T10:38:44Z",
"generator": {
"date": "2026-03-26T10:38:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1066-1",
"initial_release_date": "2026-03-26T10:38:44Z",
"revision_history": [
{
"date": "2026-03-26T10:38:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"product_id": "libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "ruby2.5-2.5.9-150700.24.6.1.aarch64",
"product_id": "ruby2.5-2.5.9-150700.24.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"product_id": "ruby2.5-devel-2.5.9-150700.24.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"product_id": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.aarch64",
"product_id": "ruby2.5-doc-2.5.9-150700.24.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"product": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"product_id": "ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.i586",
"product": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.i586",
"product_id": "libruby2_5-2_5-2.5.9-150700.24.6.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-2.5.9-150700.24.6.1.i586",
"product": {
"name": "ruby2.5-2.5.9-150700.24.6.1.i586",
"product_id": "ruby2.5-2.5.9-150700.24.6.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.i586",
"product": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.i586",
"product_id": "ruby2.5-devel-2.5.9-150700.24.6.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.i586",
"product": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.i586",
"product_id": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.i586",
"product": {
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.i586",
"product_id": "ruby2.5-doc-2.5.9-150700.24.6.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.i586",
"product": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.i586",
"product_id": "ruby2.5-stdlib-2.5.9-150700.24.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-doc-ri-2.5.9-150700.24.6.1.noarch",
"product": {
"name": "ruby2.5-doc-ri-2.5.9-150700.24.6.1.noarch",
"product_id": "ruby2.5-doc-ri-2.5.9-150700.24.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"product_id": "libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"product_id": "ruby2.5-2.5.9-150700.24.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"product_id": "ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"product_id": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.ppc64le",
"product_id": "ruby2.5-doc-2.5.9-150700.24.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"product": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"product_id": "ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"product_id": "libruby2_5-2_5-2.5.9-150700.24.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "ruby2.5-2.5.9-150700.24.6.1.s390x",
"product_id": "ruby2.5-2.5.9-150700.24.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"product_id": "ruby2.5-devel-2.5.9-150700.24.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"product_id": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.s390x",
"product_id": "ruby2.5-doc-2.5.9-150700.24.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"product": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"product_id": "ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"product_id": "libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "ruby2.5-2.5.9-150700.24.6.1.x86_64",
"product_id": "ruby2.5-2.5.9-150700.24.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"product_id": "ruby2.5-devel-2.5.9-150700.24.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"product_id": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "ruby2.5-doc-2.5.9-150700.24.6.1.x86_64",
"product_id": "ruby2.5-doc-2.5.9-150700.24.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64",
"product": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64",
"product_id": "ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64"
},
"product_reference": "libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le"
},
"product_reference": "libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x"
},
"product_reference": "libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64"
},
"product_reference": "libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-2.5.9-150700.24.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64"
},
"product_reference": "ruby2.5-2.5.9-150700.24.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-2.5.9-150700.24.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le"
},
"product_reference": "ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-2.5.9-150700.24.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x"
},
"product_reference": "ruby2.5-2.5.9-150700.24.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-2.5.9-150700.24.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64"
},
"product_reference": "ruby2.5-2.5.9-150700.24.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64"
},
"product_reference": "ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le"
},
"product_reference": "ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x"
},
"product_reference": "ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-2.5.9-150700.24.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64"
},
"product_reference": "ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64"
},
"product_reference": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le"
},
"product_reference": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x"
},
"product_reference": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64"
},
"product_reference": "ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64"
},
"product_reference": "ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le"
},
"product_reference": "ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x"
},
"product_reference": "ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
},
"product_reference": "ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49761"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between \u0026# and x...; in a hex numeric character reference (\u0026#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49761",
"url": "https://www.suse.com/security/cve/CVE-2024-49761"
},
{
"category": "external",
"summary": "SUSE Bug 1232440 for CVE-2024-49761",
"url": "https://bugzilla.suse.com/1232440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-26T10:38:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-49761"
},
{
"cve": "CVE-2025-58767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58767"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58767",
"url": "https://www.suse.com/security/cve/CVE-2025-58767"
},
{
"category": "external",
"summary": "SUSE Bug 1250016 for CVE-2025-58767",
"url": "https://bugzilla.suse.com/1250016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-26T10:38:44Z",
"details": "low"
}
],
"title": "CVE-2025-58767"
},
{
"cve": "CVE-2026-27820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27820"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27820",
"url": "https://www.suse.com/security/cve/CVE-2026-27820"
},
{
"category": "external",
"summary": "SUSE Bug 1259239 for CVE-2026-27820",
"url": "https://bugzilla.suse.com/1259239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libruby2_5-2_5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-devel-extra-2.5.9-150700.24.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ruby2.5-stdlib-2.5.9-150700.24.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-26T10:38:44Z",
"details": "important"
}
],
"title": "CVE-2026-27820"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…