apk package
wolfi/ruby3.4-uri
pkg:apk/wolfi/ruby3.4-uri
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27221 | — | < 1.0.3-r0 | 1.0.3-r0 | Mar 3, 2025 | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. |
- CVE-2025-27221Mar 3, 2025affected < 1.0.3-r0fixed 1.0.3-r0
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.