Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how ruby compares to other vendors in security performance

View Risk Score →

Ruby Ruby 4Race Condition, Use After Free

Risk 75
Severity
8.1
First published (updated )
CVE-2026-46727

Ruby Ruby 4.0End of life details

EOL
Mar 31, 2029
First published (updated )
EOL-ruby-4.0

Microsoft azl3 rubygem-rexml 3.3.9-1REXML has a DoS condition when parsing malformed XML file

Risk 43
Severity
1.2
First published (updated )
CVE-2025-58767

Ruby jwtWeak Encryption

Risk 66
Severity
9.1
First published (updated )
CVE-2025-45765

Ruby WEBrickRuby WEBrick read_header HTTP Request Smuggling Vulnerability

Risk 33
Severity
5.9
EPSS
0.05%
First published (updated )
CVE-2025-6442
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Ruby WEBrickRuby WEBrick read_header HTTP Request Smuggling Vulnerability

Risk 45
Severity
6.5
First published (updated )
Advisory
ZDI-25-414

Ruby WEBrickZDI-25-414: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability

Risk 45
Severity
6.5
First published (updated )
ZDI-CAN-21876

Ruby RubyRuby vulnerabilities

Risk 32
First published (updated )
Advisory
USN-7418-1

OmniAuth Omniauth Saml RubyGHSL-2024-329_GHSL-2024-330: Authentication bypasses in ruby-saml - CVE-2025-25291, CVE-2025-25292

Risk 63
Severity
9.8
EPSS
0.44%
First published (updated )
CVE-2025-25292

rubygems/jsonRuby JSON Parser has Out-of-bounds Read

Risk 31
Severity
7.5
EPSS
0.10%
First published (updated )
CVE-2025-27788
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Ruby CGI gemIn the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability e…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2349696

Ruby CGIIn the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a pot…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2349699

Ruby net-imapNet::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting …

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2344680

rubygems/net-imapNet::IMAP vulnerable to possible DoS by memory exhaustion

Risk 27
Severity
6.5
EPSS
0.05%
First published (updated )
CVE-2025-25186

Ruby RubyRuby: openssl: ruby marvin attack

Risk 41
Severity
7.4
EPSS
0.09%
First published (updated )
CVE-2025-0306
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Ruby Ruby InterpreterRuby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt prev…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2336100

Ruby Ruby 3.4End of life details

EOL
Mar 31, 2028
First published (updated )
EOL-ruby-3.4

Ruby Ruby 3.4End of life details

EOL
Mar 31, 2028
First published (updated )
latest-version-ruby-3.4

Ruby Ruby 3.3End of life details

EOL
Mar 31, 2027
First published (updated )
EOL-ruby-3.3

Ruby Ruby 3.3End of life details

EOL
Mar 31, 2027
First published (updated )
latest-version-ruby-3.3
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Ruby Ruby 3.2Reached end of life

EOL
Mar 31, 2026
First published (updated )
EOL-ruby-3.2

Ruby Ruby 3.2Reached end of life

EOL
Mar 31, 2026
First published (updated )
latest-version-ruby-3.2

Ruby REXMLREXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parse…

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-2322153

Ruby WEBrickAn issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggl…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2314051

Ruby REXMLREXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses …

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-2307297
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Ruby REXMLREXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML …

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2302272

Ruby REXMLREXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it pa…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2302268

Ruby ruby-magickA memory leak was found in ruby-magick an interface between Ruby and ImageMagick, that could lead to…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2247064

Ruby Time libraryThe Time parser mishandles invalid strings that have specific characters. It causes an increase in e…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2184061

Ruby CGIcgi.rb in Ruby through 2.6.x, through 3.0x, and through 3.1.x allows HTTP header injection. If a CGI…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2149706
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203