pkg:Debian/ruby3.1

28 total CVEsCRITICAL5HIGH11MEDIUM11LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-42257net-imap vulnerable to command Injection via "raw" arguments to multiple commands
    from 0
  • CRITICAL9.8CVE-2026-42258net-imap vulnerable to command Injection via unvalidated Symbol inputs
    from 0
  • CRITICAL9.8CVE-2026-27820Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
    from 0
  • CRITICAL9.8CVE-2024-27280StringIO buffer overread vulnerability
    from 0, < 3.1.2-7+deb12u1
  • CRITICAL9.8CVE-2024-27280StringIO buffer overread vulnerability
    from 0, < 3.1.2-7+deb12u1
  • HIGH8.8CVE-2021-33621HTTP response splitting in CGI
    from 0, < 3.1.2-4
  • HIGH8.1CVE-2026-41316ERB has an @_init deserialization guard bypass via def_module / def_method / def_class
    from 0
  • HIGH7.5CVE-2026-42245net-imap has quadratic complexity when reading response literals
    from 0
  • HIGH7.5CVE-2025-61594URI Credential Leakage Bypass over CVE-2025-27221
    from 0
  • HIGH7.5CVE-2024-49761REXML ReDoS vulnerability
    from 0
  • HIGH7.5CVE-2024-41946REXML DoS vulnerability
    from 0
  • HIGH7.5CVE-2024-41123REXML DoS vulnerability
    from 0
  • HIGH7.5CVE-2023-28756Ruby Time component ReDoS issue
    from 0
  • HIGH7.5CVE-2023-28755Ruby URI component ReDoS issue
    from 0
  • HIGH7.4CVE-2026-42246net-imap vulnerable to STARTTLS stripping via invalid response timing
    from 0
  • HIGH7.4CVE-2025-0306A vulnerability was found in Ruby.
    from 0
  • MEDIUM6.6CVE-2024-27282An issue was discovered in Ruby 3.x through 3.3.0.
    from 0, < 3.1.2-7+deb12u1
  • MEDIUM6.5CVE-2026-42256net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
    from 0
  • MEDIUM6.5CVE-2025-43857net-imap rubygem vulnerable to possible DoS by memory exhaustion
    from 0
  • MEDIUM6.5CVE-2025-25186Possible DoS by memory exhaustion in net-imap
    from 0
  • MEDIUM5.9CVE-2024-43398REXML denial of service vulnerability
    from 0
  • MEDIUM5.8CVE-2025-27219CGI has Denial of Service (DoS) potential in Cookie.parse
    from 0
  • MEDIUM5.3CVE-2025-24294resolv vulnerable to DoS via insufficient DNS domain name length validation
    from 0
  • MEDIUM5.3CVE-2024-35176ruby2.7 - security update
    from 0
  • MEDIUM4.5CVE-2024-27281RDoc RCE vulnerability with .rdoc_options
    from 0, < 3.1.2-7+deb12u1
  • MEDIUM4.3CVE-2024-39908REXML denial of service vulnerability
    from 0
  • MEDIUM4.0CVE-2025-27220CGI has Regular Expression Denial of Service (ReDoS) potential in Util#escapeElement
    from 0
  • LOW3.2CVE-2025-27221URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
    from 0