{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Low" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"rubygem-actionmailer security update", "category":"general", "title":"Synopsis" }, { "text":"An update for rubygem-actionmailer is now available for openEuler-22.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-24.03-LTS", "category":"general", "title":"Summary" }, { "text":"Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.\n\nSecurity Fix(es):\n\nAction Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.(CVE-2024-47889)", "category":"general", "title":"Description" }, { "text":"An update for rubygem-actionmailer is now available for openEuler-22.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Low", "category":"general", "title":"Severity" }, { "text":"rubygem-actionmailer", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2024-2383", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2383" }, { "summary":"CVE-2024-47889", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-47889&packageName=rubygem-actionmailer" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47889" }, { "summary":"openEuler-SA-2024-2383 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openeuler-sa-2024-2383.json" } ], "title":"An update for rubygem-actionmailer is now available for openEuler-22.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-24.03-LTS", "tracking":{ "initial_release_date":"2024-11-15T20:13:34+08:00", "revision_history":[ { "date":"2024-11-15T20:13:34+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2024-11-15T20:13:34+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2024-11-15T20:13:34+08:00", "id":"openEuler-SA-2024-2383", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"openEuler-22.03-LTS-SP4", "name":"openEuler-22.03-LTS-SP4" }, "name":"openEuler-22.03-LTS-SP4", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"openEuler-20.03-LTS-SP4", "name":"openEuler-20.03-LTS-SP4" }, "name":"openEuler-20.03-LTS-SP4", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1" }, "product_id":"openEuler-22.03-LTS-SP1", "name":"openEuler-22.03-LTS-SP1" }, "name":"openEuler-22.03-LTS-SP1", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"openEuler-24.03-LTS", "name":"openEuler-24.03-LTS" }, "name":"openEuler-24.03-LTS", "category":"product_version" } ], "category":"product_name" }, { "name":"noarch", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch.rpm", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch.rpm" }, "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch.rpm", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch.rpm" }, "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch.rpm", "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch.rpm" }, "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch.rpm", "name":"rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch.rpm" }, "name":"rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1" }, "product_id":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch.rpm", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch.rpm" }, "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"rubygem-actionmailer-7.0.7-2.oe2403.noarch.rpm", "name":"rubygem-actionmailer-7.0.7-2.oe2403.noarch.rpm" }, "name":"rubygem-actionmailer-7.0.7-2.oe2403.noarch.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch.rpm", "name":"rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch.rpm" }, "name":"rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src.rpm", "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src.rpm" }, "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1" }, "product_id":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src.rpm", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src.rpm" }, "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"rubygem-actionmailer-7.0.7-2.oe2403.src.rpm", "name":"rubygem-actionmailer-7.0.7-2.oe2403.src.rpm" }, "name":"rubygem-actionmailer-7.0.7-2.oe2403.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch", "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch", "name":"rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP1", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP1", "product_reference":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP1:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch", "name":"rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"rubygem-actionmailer-7.0.7-2.oe2403.noarch.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.noarch", "name":"rubygem-actionmailer-7.0.7-2.oe2403.noarch as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch", "name":"rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src", "name":"rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP1", "product_reference":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src", "name":"rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"rubygem-actionmailer-7.0.7-2.oe2403.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.src", "name":"rubygem-actionmailer-7.0.7-2.oe2403.src as a component of openEuler-24.03-LTS" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2024-47889", "notes":[ { "text":"Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.src" ], "details":"rubygem-actionmailer security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2383" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.7, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp4.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.noarch", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp3.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.noarch", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-doc-5.2.4.4-2.oe2003sp4.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.noarch", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-doc-6.1.4.1-2.oe2203sp1.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.noarch", "openEuler-24.03-LTS:rubygem-actionmailer-doc-7.0.7-2.oe2403.noarch", "openEuler-22.03-LTS-SP4:rubygem-actionmailer-6.1.4.1-2.oe2203sp4.src", "openEuler-22.03-LTS-SP3:rubygem-actionmailer-6.1.4.1-2.oe2203sp3.src", "openEuler-20.03-LTS-SP4:rubygem-actionmailer-5.2.4.4-2.oe2003sp4.src", "openEuler-22.03-LTS-SP1:rubygem-actionmailer-6.1.4.1-2.oe2203sp1.src", "openEuler-24.03-LTS:rubygem-actionmailer-7.0.7-2.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-47889" } ] }