14147 matches found
DEBIAN-CVE-2026-35611
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...
CVE-2026-35611
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...
UBUNTU-CVE-2026-35611
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...
CVE-2026-35611 Addressable has a Regular Expression Denial of Service in Addressable templates
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...
PT-2026-30806
Name of the Vulnerable Software and Affected Versions: Rack::Session versions 2.0.0 through 2.1.1. Description: Rack::Session is a session management implementation for Rack. Versions 2.0.0 through 2.1.1 incorrectly handle decryption failures when configured with secrets. If cookie decryption fails,...
Addressable security vulnerability
Addressable is a Ruby library developed by Bob Aman. Versions of Addressable from 2.3.0 to 2.9.0 contained a security vulnerability. This vulnerability stemmed from the URI template implementation; two types of regular expressions generated by the URI templates had catastrophic backtracking, whic...
CVE-2026-34829 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-X8CG-FQ8G-MXFX vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-7MQQ-6CF9-V2QP vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-VGPV-F759-9WX3 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-V569-HP3G-36WR vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-QFGR-CRR9-7R49 vulnerabilities
Vulnerabilities for packages: pact-broker-docker-fips, ruby3.2-rails, logstash, ruby3.4-rails, kube-fluentd-operator, pact-broker-docker...
CVE-2026-34230 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-Q2WW-5357-X388 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
CVE-2026-34763 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
CVE-2026-34835 vulnerabilities
Vulnerabilities for packages: pact-broker-docker-fips, ruby3.2-rails, logstash, ruby3.4-rails, kube-fluentd-operator, pact-broker-docker...
GHSA-QV7J-4883-HWH7 vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...
GHSA-H2JQ-G4CQ-5PPQ vulnerabilities
Vulnerabilities for packages: ruby3.4-rack, ruby4.0-rack, gitlab-cng, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, logstash, gitlab-rails-ce, ruby3.4-rails, ruby3.2-rack, gitlab-rails-ce-fips, kube-fluentd-operator, pact-broker-docker...