2 matches found
CVE-2025-61594 affecting package ruby for versions less than 3.1.7-4
CVE-2025-61594 affecting package ruby for versions less than 3.1.7-4. A patched version of the package is available...
AZL-73391 CVE-2025-61594 affecting package ruby for versions less than 3.1.7-4
URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the origin...