RubyGems package
addressable
pkg:gem/addressable
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-35611 | Hig | 7.5 | >= 2.3.0, < 2.9.0 | 2.9.0 | Apr 7, 2026 | Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic b | |
| CVE-2021-32740 | — | >= 2.3.0, < 2.8.0 | 2.8.0 | Jul 6, 2021 | Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciousl |
- affected >= 2.3.0, < 2.9.0fixed 2.9.0
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic b
- CVE-2021-32740Jul 6, 2021affected >= 2.3.0, < 2.8.0fixed 2.8.0
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciousl