Whoops, I couldn't find that page - RubySec

You may want to try a search above, or [visit the homepage](/). Also, here are some recent posts:

Nov 07

GHSA-vfpf-xmwh-8m65 (prosemirror_to_html): ProsemirrorToHtml has a Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values

posted in •

Nov 06

GHSA-52c5-vh7f-26fx (prosemirror_to_html): Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values

posted in •

Nov 06

CVE-2025-12790 (mqtt): MQTT does not validate hostnames

posted in •

Oct 10

CVE-2025-61921 (sinatra): Sinatra is vulnerable to ReDoS through ETag header value generation

posted in •

Oct 10

CVE-2025-61919 (rack): Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing

posted in •

Oct 10

CVE-2025-61780 (rack): Rack has a Possible Information Disclosure Vulnerability

posted in •

Oct 07

CVE-2025-61772 (rack): Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)

posted in •

Oct 07

CVE-2025-61771 (rack): Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)

posted in •

Oct 07

CVE-2025-61770 (rack): Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)

posted in •

Oct 07

CVE-2025-61594 (uri): CVE-2025-61594 - URI Credential Leakage Bypass over CVE-2025-27221

posted in •