ruby:2.5/rubygem-mongo/.../rubygem-mongo vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ruby:2.5/rubygem-mongo package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Inefficient Regular Expression Complexity	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M CVE-2024-35176	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M CVE-2024-27282	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M CVE-2024-27281	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M CVE-2024-27280	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Inefficient Regular Expression Complexity	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Inefficient Regular Expression Complexity	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Inefficient Regular Expression Complexity	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Out-of-bounds Read	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Arbitrary Code Injection	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M CVE-2021-28965	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M HTTP Request Smuggling	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Use of Uninitialized Resource	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Improper Input Validation	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Arbitrary Code Injection	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Arbitrary Code Injection	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Improper Authentication	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M CVE-2019-15845	<0:2.5.1-2.module_el8.5.0+259+8cec6917
H CVE-2020-36327	<0:2.5.1-2.module_el8.5.0+259+8cec6917
M Reliance on Cookies without Validation and Integrity Checking	<0:2.5.1-2.module_el8.5.0+2625+ec418553
M Inefficient Regular Expression Complexity	<0:2.5.1-2.module_el8.5.0+2625+ec418553