Ruby 3.4.5 Released
Ruby 3.4.5 has been released.
Posted by k0kubun on 15 Jul 2025
CVE-2025-24294: Possible Denial of Service in resolv gem
A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby.
This vulnerability has been assigned the CVE identifier CVE-2025-24294.
We recommend upgrading the resolv gem.
Posted by mame on 8 Jul 2025
CVE-2025-43857: DoS vulnerability in net-imap
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-43857. We recommend upgrading the net-imap gem.
Posted by nevans on 28 Apr 2025
Ruby 3.5.0 preview1 Released
We are pleased to announce the release of Ruby 3.5.0-preview1. Ruby 3.5 updates its Unicode version to 15.1.0, and so on.
Posted by naruse on 18 Apr 2025
Ruby 3.2.8 Released
Ruby 3.2.8 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes.
Posted by hsbt on 26 Mar 2025
Ruby 3.1.7 Released
Ruby 3.1.7 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes and update bundled REXML and RSS gems.
Posted by hsbt on 26 Mar 2025
Security advisories: CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221
We published security advisories for CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221. Please read the details below.
Posted by hsbt on 26 Feb 2025