Ruby-Lang OpenSSL vulnerabilities

CVE-2018-16395 [CRITICAL] CVE-2018-16395: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x befor An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument conta

CVE-2016-7798 [HIGH] CWE-326 CVE-2016-7798: The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the I The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.