Information on source package ruby3.1

Available versions

| Release | Version |
|---|---|
| bookworm | 3.1.2-7+deb12u1 |
| sid | 3.1.2-8.5 |

Open issues

| Bug | bookworm | sid | Description |
|---|---|---|---|
| CVE-2025-27221 | vulnerable (no DSA) | vulnerable | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.jo ... |
| CVE-2025-27220 | vulnerable (no DSA) | vulnerable | In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of S ... |
| CVE-2025-27219 | vulnerable (no DSA) | vulnerable | In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in ... |
| CVE-2025-25186 | vulnerable (no DSA) | vulnerable | Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ... |
| CVE-2025-0306 | vulnerable (no DSA, ignored) | fixed | A vulnerability was found in Ruby. The Ruby interpreter is vulnerable ... |
| CVE-2024-49761 | vulnerable | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ... |
| CVE-2024-43398 | vulnerable (no DSA) | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ... |
| CVE-2024-41946 | vulnerable (no DSA) | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulner ... |
| CVE-2024-41123 | vulnerable (no DSA) | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some ... |
| CVE-2024-39908 | vulnerable (no DSA) | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some ... |
| CVE-2024-35176 | vulnerable (no DSA) | vulnerable | REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a den ... |
| CVE-2024-27281 | fixed | vulnerable | An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in ... |
| CVE-2024-27280 | fixed | vulnerable | A buffer-overread issue was discovered in StringIO 3.0.1, as distribut ... |
| CVE-2023-28756 | vulnerable (no DSA) | vulnerable | A ReDoS issue was discovered in the Time component through 0.2.1 in Ru ... |
| CVE-2023-28755 | vulnerable (no DSA) | vulnerable | A ReDoS issue was discovered in the URI component through 0.12.0 in Ru ... |

Resolved issues

| Bug | Description |
|---|---|
| CVE-2024-27282 | An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplie ... |
| CVE-2023-36617 | A ReDoS issue was discovered in the URI component before 0.12.2 for Ru ... |
| CVE-2021-33621 | The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 ... |

Security announcements

| DSA / DLA | Description |
|---|---|
| DSA-5677-1 | ruby3.1 - security update |
