Vulnerabilities > Ruby Lang > CGI > 0.3.1

DATE CVE VULNERABILITY TITLE RISK
2025-03-04 CVE-2025-27219 Unspecified vulnerability in Ruby-Lang CGI
In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability.
network
low complexity
ruby-lang
7.5
2025-03-04 CVE-2025-27220 Unspecified vulnerability in Ruby-Lang CGI
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.
network
low complexity
ruby-lang
7.5
2022-11-18 CVE-2021-33621 Injection vulnerability in multiple products
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting.
network
low complexity
ruby-lang fedoraproject CWE-74
8.8