Vulnerabilities > Ruby Lang > CGI

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-18	CVE-2021-33621	Injection vulnerability in multiple products The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. network low complexity ruby-lang fedoraproject CWE-74	8.8
2022-02-06	CVE-2021-41816	Integer Overflow or Wraparound vulnerability in multiple products CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. network low complexity ruby-lang fedoraproject CWE-190 critical	9.8
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5