In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.

In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.

In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.

In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.

In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.jo ...

URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+

Уязвимость программного средства URI gem, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации

Security update for ruby2.5

Security update for ruby2.5

Уязвимость ruby

Moderate: ruby security update

Moderate: ruby:3.3 security update

Moderate: ruby:3.3 security update

ELSA-2025-8131: ruby security update (MODERATE)

ELSA-2025-4493: ruby:3.3 security update (MODERATE)

ELSA-2025-10217: ruby:3.3 security update (MODERATE)

Moderate: ruby:3.1 security update

Moderate: ruby:3.1 security update

ELSA-2025-4488: ruby:3.1 security update (MODERATE)

ELSA-2025-4063: ruby:3.1 security update (MODERATE)