URI Credential Leakage Bypass
A vulnerability in the URI library bundled with Ruby allows sensitive user credentials such as usernames or passwords in a URI to be unintentionally leaked when combining URIs using the + operator. This issue bypasses the previous fix for CVE-2025-27221. The issue affects Ruby's built-in URI...