Whoops, I couldn't find that page - RubySec

You may want to try a search above, or [visit the homepage](/). Also, here are some recent posts:

May 08

CVE-2025-46727 (rack): Rack has an Unbounded-Parameter DoS in Rack::QueryParser

posted in •

May 08

CVE-2025-46336 (rack-session): Rack session gets restored after deletion

posted in •

May 08

CVE-2025-32441 (rack): Rack session gets restored after deletion

posted in •

Apr 28

CVE-2025-43857 (net-imap): net-imap rubygem vulnerable to possible DoS by memory exhaustion

posted in •

Apr 21

GHSA-5w6v-399v-w3cc (nokogiri): Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415

posted in •

Mar 28

CVE-2024-39311 (publify_core): Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction

posted in •

Mar 27

CVE-2025-30221 (pitchfork): Pitchfork HTTP Request/Response Splitting vulnerability

posted in •

Mar 14

GHSA-mrxw-mxhj-p664 (nokogiri): Nokogiri updates packaged libxslt to v1.1.43 to resolve multiple CVEs

posted in •

Mar 14

CVE-2025-2304 (camaleon_cms): Camaleon CMS Vulnerable to Privilege Escalation through a Mass Assignment

posted in •

Mar 12

CVE-2025-27788 (json): Out-of-bounds Read in Ruby JSON Parser

posted in •