Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2025-27221
- EPSS 0.02%
- Veröffentlicht 04.03.2025 00:15:31
- Zuletzt bearbeitet 01.08.2025 02:06:45
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.
5.3
CVE-2023-36617
- EPSS 1.2%
- Veröffentlicht 29.06.2023 13:15:09
- Zuletzt bearbeitet 21.11.2024 08:10:04
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc39...
5.3
CVE-2023-28755
- EPSS 0.45%
- Veröffentlicht 31.03.2023 04:15:09
- Zuletzt bearbeitet 14.02.2025 20:15:32
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versio...
1