Gentoo Project
Ruby Project
Security Bug Reports
<dev-ruby/yajl-ruby-1.4.2: heap corruption with very large inputs
837542 - Assigned to Gentoo Security
<dev-ruby/rails-html-sanitizer-1.4.4: multiple vulnerabilities
886023 - Assigned to Gentoo Security
<dev-ruby/loofah-2.19.1: multiple vulnerabilities
886025 - Assigned to Gentoo Security
<dev-ruby/yard-0.9.36: XSS vulnerability
926069 - Assigned to Gentoo Security
<dev-lang/ruby-{3.1.5,3.2.4,3.3.1}: Multiple Vulnerabilities
930533 - Assigned to Gentoo Security
<www-servers/puma-6.4.3: Header normalization allows for client to clobber proxy set headers
939950 - Assigned to Gentoo Security
<dev-ruby/webrick-1.8.2: HTTP Request Smuggling
940185 - Assigned to Gentoo Security
<dev-ruby/sinatra-4.1.1: Reliance on Untrusted Inputs in a Security Decision
944713 - Assigned to Gentoo Security
<dev-ruby/rails-html-sanitizer-1.6.1: multiple vulnerabilities
945819 - Assigned to Gentoo Security
<dev-ruby/rack-{2.2.11:2.2,3.0.12:3.0,3.1.10:3.1}: Log Injection vulnerability
949642 - Assigned to Gentoo Security
<www-apache/passenger-6.0.26: Denial of Service
950020 - Assigned to Gentoo Security
<dev-ruby/rexml-3.4.2: Denial of Service
963042 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.