2 matches found
CVE-2026-33635 iCalendar has ICS injection via unsanitized URI property values
iCalendar is a Ruby library for dealing with iCalendar files in the iCalendar format defined by RFC-5545. Starting in version 2.0.0 and prior to version 2.12.2, .ics serialization does not properly sanitize URI property values, enabling ICS injection through attacker-controlled input, adding...
CVE-2026-33635
creationtimestamp| type| source ---|---|--- 2026-03-24 19:13:41+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pv9c-9mfh-hvxq...