CVE-2025-27221

Vulnerability Description

In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.

Vulnerability Details

Published Date

March 04, 2025

Last Modified

November 03, 2025

Source

NVD

CVE-2025-27221

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment