Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Red Hat has issued a security advisory for its Hardened Images RPMs, specifically updating multiple ruby3.3 packages to address three vulnerabilities identified as CVE-2026-47240, CVE-2026-47241, and CVE-2026-47242. These vulnerabilities relate to issues categorized under CWE-93 and CWE-88. The advisory provides updated RPM packages for various ruby3.3 components across multiple architectures. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
This Red Hat security advisory (RHSA-2026:40380) addresses multiple vulnerabilities in ruby3.3 packages included in Red Hat Hardened Images RPMs. The update includes new versions of ruby3.3 and associated rubygem3.3 packages for aarch64 and x86_64 architectures. The vulnerabilities fixed are identified as CVE-2026-47240, CVE-2026-47241, and CVE-2026-47242, which correspond to weaknesses classified under CWE-93 (Improper Neutralization of CRLF Sequences in HTTP Headers) and CWE-88 (Argument Injection or Modification). The advisory does not provide CVSS scores or detailed exploit information but indicates a medium severity level. No known exploits in the wild have been reported. The advisory references updated RPMs with version suffix 3.3.10-23.4.hum1 and related gem packages.
Potential Impact
The vulnerabilities affect ruby3.3 packages used in Red Hat Hardened Images, potentially allowing improper input handling or injection attacks as indicated by the CWE classifications. The medium severity suggests a moderate impact on confidentiality, integrity, or availability if exploited. However, no active exploitation has been reported, and the advisory does not detail specific attack vectors or impacts beyond the vulnerability classifications.
Mitigation Recommendations
Red Hat has released updated ruby3.3 RPM packages that address these vulnerabilities. Users of Red Hat Hardened Images should apply the provided updates (ruby3.3-3.3.10-23.4.hum1 and associated rubygem3.3 packages) to remediate these issues. Detailed update instructions and packages are available via Red Hat's official advisory and image repository at https://images.redhat.com/. There is no indication that additional mitigations are required beyond applying the official updates.
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Description
Red Hat has issued a security advisory for its Hardened Images RPMs, specifically updating multiple ruby3.3 packages to address three vulnerabilities identified as CVE-2026-47240, CVE-2026-47241, and CVE-2026-47242. These vulnerabilities relate to issues categorized under CWE-93 and CWE-88. The advisory provides updated RPM packages for various ruby3.3 components across multiple architectures. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This Red Hat security advisory (RHSA-2026:40380) addresses multiple vulnerabilities in ruby3.3 packages included in Red Hat Hardened Images RPMs. The update includes new versions of ruby3.3 and associated rubygem3.3 packages for aarch64 and x86_64 architectures. The vulnerabilities fixed are identified as CVE-2026-47240, CVE-2026-47241, and CVE-2026-47242, which correspond to weaknesses classified under CWE-93 (Improper Neutralization of CRLF Sequences in HTTP Headers) and CWE-88 (Argument Injection or Modification). The advisory does not provide CVSS scores or detailed exploit information but indicates a medium severity level. No known exploits in the wild have been reported. The advisory references updated RPMs with version suffix 3.3.10-23.4.hum1 and related gem packages.
Potential Impact
The vulnerabilities affect ruby3.3 packages used in Red Hat Hardened Images, potentially allowing improper input handling or injection attacks as indicated by the CWE classifications. The medium severity suggests a moderate impact on confidentiality, integrity, or availability if exploited. However, no active exploitation has been reported, and the advisory does not detail specific attack vectors or impacts beyond the vulnerability classifications.
Mitigation Recommendations
Red Hat has released updated ruby3.3 RPM packages that address these vulnerabilities. Users of Red Hat Hardened Images should apply the provided updates (ruby3.3-3.3.10-23.4.hum1 and associated rubygem3.3 packages) to remediate these issues. Detailed update instructions and packages are available via Red Hat's official advisory and image repository at https://images.redhat.com/. There is no indication that additional mitigations are required beyond applying the official updates.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:40380
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-47241"]
- Cvss Version
- null
Threat ID: 6a58b41868715ace43d686ed
Added to database: 07/16/2026, 10:36:08 UTC
Last enriched: 07/16/2026, 10:59:26 UTC
Last updated: 07/17/2026, 03:39:01 UTC
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.