Ruby Lang News
@ruby-lang-news
Publisher
12
Posts
Posts by Ruby Lang News
CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout handler
A use-after-free vulnerability has been discovered in the pthread-based getaddrinfo timeout handler of Ruby. This vulnerability has been assigned the CVE ide...
CVE-2026-41316: ERB @_init deserialization guard bypass via def_module / def_method / def_class
We published security advisory for CVE-2026-41316.
Ruby 3.2.11 Released
Ruby 3.2.11 has been released. This release includes an update to the zlib gem addressing CVE-2026-27820.
Ruby 3.3.11 Released
Ruby 3.3.11 has been released. This release includes an update to the zlib gem addressing CVE-2026-27820, along with some bug fixes.