VYPR
Moderate severityNVD Advisory· Published Mar 3, 2025· Updated Nov 3, 2025

CVE-2025-27220

CVE-2025-27220

Description

In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
cgiRubyGems
< 0.3.5.10.3.5.1
cgiRubyGems
>= 0.3.6, < 0.3.70.3.7
cgiRubyGems
>= 0.4.0, < 0.4.20.4.2

Affected products

85

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.