Ruby 3.0.3 Released
Ruby 3.0.3 has been released.
Posted by nagachika on 24 Nov 2021
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
A cookie prefix spoofing vulnerability was discovered in CGI::Cookie.parse. This vulnerability has been assigned the CVE identifier CVE-2021-41819. We strongly recommend upgrading Ruby.
Posted by mame on 24 Nov 2021
Other News
-
CVE-2021-41816: Buffer Overrun in CGI.escape_html
Posted by mame on 24 Nov 2021 -
CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
Posted by mame on 15 Nov 2021 -
Ruby 3.1.0 Preview 1 Released
Posted by naruse on 9 Nov 2021 -
2022 Fukuoka Ruby Award Competition - Entries to be judged by Matz
Posted by Fukuoka Ruby on 3 Aug 2021 -
CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
Posted by shugo on 7 Jul 2021 -
CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
Posted by shugo on 7 Jul 2021