這裡你可以找到 Ruby 的安全問題資訊。
回報安全缺陷(Security Vulnerabilities)
安全缺陷回報請透過 email 至 security@ruby-lang.org (the PGP public key) ,這是一個保密的郵件論壇。回報的問題會直到修正之後才會公布出來。
已知的缺陷問題
以下最近的問題列表:
- Buffer over-run in ARGF.inplace_mode= published at 2 Jul, 2010.
- WEBrick has an Escape Sequence Injection vulnerability published at 10 Jan, 2010
- Heap overflow in String published at 7 Dec, 2009
- DoS vulnerability in REXML published at 23 Aug, 2008
- Multiple vulnerabilities in Ruby published at 8 Aug, 2008
- Arbitrary code execution vulnerabilities published at 20 Jun, 2008
- File access vulnerability of WEBrick published at 3 Mar, 2008
- Net::HTTPS Vulnerability published at 4 Oct, 2007
- Another DoS Vulnerability in CGI Library published at 4 Dec, 2006
- DoS Vulnerability in CGI Library published at 3 Nov, 2006
- Ruby vulnerability in the safe level settings published at 2 Oct, 2005