Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2025-27221
- EPSS 0.03%
- Veröffentlicht 04.03.2025 00:15:31
- Zuletzt bearbeitet 03.11.2025 22:18:43
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.
5.3
CVE-2023-36617
- EPSS 1.07%
- Veröffentlicht 29.06.2023 13:15:09
- Zuletzt bearbeitet 04.11.2025 18:15:40
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc39...
5.3
CVE-2023-28755
- EPSS 0.34%
- Veröffentlicht 31.03.2023 04:15:09
- Zuletzt bearbeitet 04.11.2025 18:15:40
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versio...
1