VYPR

cgi.rb

by Ruby Lang

Source repositories

CVEs (2)

  • CVE-2025-27219Mar 3, 2025
    risk 0.00cvss epss 0.01

    In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive…

  • CVE-2025-27220Mar 3, 2025
    risk 0.00cvss epss 0.01

    In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.