Whoops, I couldn't find that page - RubySec

You may want to try a search above, or [visit the homepage](/). Also, here are some recent posts:

Jun 26

CVE-2025-6442 (webrick): Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

posted in •

Jun 13

CVE-2025-28384 (openc3-cosmos-tool-iframe): OpenC3 COSMOS Vulnerable to Directory Traversal via /script-api/scripts/ endpoint

posted in •

Jun 13

CVE-2025-28382 (openc3-cosmos-tool-iframe): OpenC3 COSMOS Vulnerable to Directory Traversal via openc3-api/tables endpoint

posted in •

Jun 05

CVE-2025-49007 (rack): ReDoS Vulnerability in Rack::Multipart handle_mime_head

posted in •

May 21

CVE-2025-48069 (ejson2env): Insufficient input sanitization in ejson2env

posted in •

May 08

CVE-2025-46727 (rack): Rack has an Unbounded-Parameter DoS in Rack::QueryParser

posted in •

May 08

CVE-2025-46336 (rack-session): Rack session gets restored after deletion

posted in •

May 08

CVE-2025-32441 (rack): Rack session gets restored after deletion

posted in •

Apr 28

CVE-2025-43857 (net-imap): net-imap rubygem vulnerable to possible DoS by memory exhaustion

posted in •

Apr 21

GHSA-5w6v-399v-w3cc (nokogiri): Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415

posted in •