Cgi Ruby Programming Language Cgi

Do you want an email whenever new security vulnerabilities are reported in Ruby Programming Language Cgi?

By the Year

In 2023 there have been 0 vulnerabilities in Ruby Programming Language Cgi . Last year Cgi had 3 security vulnerabilities published. Right now, Cgi is on track to have less security vulnerabilities in 2023 than it did last year.

Year Vulnerabilities Average Score
2023 0 0.00
2022 3 8.70
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Cgi vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ruby Programming Language Cgi Security Vulnerabilities

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting

CVE-2021-33621 8.8 - High - November 18, 2022

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.

Interpretation Conflict

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow

CVE-2021-41816 9.8 - Critical - February 06, 2022

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.

Integer Overflow or Wraparound

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names

CVE-2021-41819 7.5 - High - January 01, 2022

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

Reliance on Cookies without Validation and Integrity Checking

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Ruby Programming Language? Click the Watch button to subscribe.

subscribe