ruby team

Top products

The 15 most recently published vulnerabilities affecting ruby team.

• CVE-2025-24294The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can cr...7.5Jul 12, 2025
• CVE-2025-6442Ruby WEBrick read_header HTTP Request Smuggling Vulnerability5.9Jun 25, 2025
• CVE-2025-43857net-imap rubygem vulnerable to possible DoS by memory exhaustion6.5Apr 28, 2025
• CVE-2025-25292Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential)9.8Mar 12, 2025
• CVE-2025-25291ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)9.8Mar 12, 2025
• CVE-2025-25293ruby-saml vulnerable to Remote Denial of Service (DoS) with compressed SAML responses7.5Mar 12, 2025
• CVE-2025-27788Ruby JSON Parser has Out-of-bounds Read7.5Mar 12, 2025
• CVE-2025-27221In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changin...3.2Mar 3, 2025
• CVE-2025-27220In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.4.0Mar 3, 2025
• CVE-2025-27219In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length ...5.8Mar 3, 2025
• CVE-2025-0306Ruby: openssl: ruby marvin attack7.4Jan 9, 2025
• CVE-2024-54133Possible Content Security Policy bypass in Action Dispatch4.3Dec 10, 2024
• CVE-2024-49761REXML ReDoS vulnerability7.5Oct 28, 2024
• CVE-2024-47889Action Mailer has possible ReDoS vulnerability in block_format3.7Oct 16, 2024
• CVE-2024-47888Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node3.7Oct 16, 2024