Ruby 3.4.7 Released
Ruby 3.4.7 has been released.
Posted by k0kubun on 7 Oct 2025
CVE-2025-61594: URI Credential Leakage Bypass previous fixes
We published security advisory for CVE-2025-61594.
Posted by hsbt on 7 Oct 2025
CVE-2025-58767: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2025-58767. We strongly recommend upgrading the REXML gem.
Posted by naitoh on 18 Sep 2025
CVE-2025-24294: Possible Denial of Service in resolv gem
A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby.
This vulnerability has been assigned the CVE identifier CVE-2025-24294.
We recommend upgrading the resolv gem.
Posted by mame on 8 Jul 2025
CVE-2025-43857: DoS vulnerability in net-imap
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-43857. We recommend upgrading the net-imap gem.
Posted by nevans on 28 Apr 2025