apk package
chainguard/ruby3.2-faraday-1.10.3
pkg:apk/chainguard/ruby3.2-faraday-1.10.3
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27221 | — | < 1.10.3-r9 | 1.10.3-r9 | Mar 3, 2025 | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. |
- CVE-2025-27221Mar 3, 2025affected < 1.10.3-r9fixed 1.10.3-r9
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.