Tady najdete informace týkající se otázek bezbečnosti.
Hlášení zranitelností
Bezpečtnostní mezery by měli být hlášeny emailem na adresu security@ruby-lang.org (soukromý mailing list). Nahlášené zranitelnosti budou zveřejněny po jejich opravení.
Známe mezery
- WEBrick has an Escape Sequence Injection vulnerability published at 10 Jan, 2010
- Heap overflow in String published at 7 Dec, 2009
- DoS vulnerability in REXML published at 23 Aug, 2008
- Multiple vulnerabilities in Ruby published at 8 Aug, 2008
- Arbitrary code execution vulnerabilities published at 20 Jun, 2008
- File access vulnerability of WEBrick published at 3 Mar, 2008
- Net::HTTPS Vulnerability published at 4 Oct, 2007
- Another DoS Vulnerability in CGI Library published at 4 Dec, 2006
- DoS Vulnerability in CGI Library published at 3 Nov, 2006
- Ruby vulnerability in the safe level settings published at 2 Oct, 2005