VulnerableCode Package Details - pkg:apk/alpine/ruby@3.3.8-r0?arch=x86

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/ruby@3.3.8-r0?arch=x86_64&distroversion=v3.21&reponame=main

purl	pkg:apk/alpine/ruby@3.3.8-r0?arch=x86_64&distroversion=v3.21&reponame=main

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-exq5-cnrm-3uhd	CGI has Denial of Service (DoS) potential in Cookie.parse There is a possibility for DoS by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27219. We recommend upgrading the cgi gem. ## Details CGI::Cookie.parse took super-linear time to parse a cookie string in some cases. Feeding a maliciously crafted cookie string into the method could lead to a Denial of Service. Please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. ## Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. ## Credits Thanks to lio346 for discovering this issue. Also thanks to mame for fixing this vulnerability.	CVE-2025-27219 GHSA-gh9q-2xrm-x6qv

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:55:38.507899+00:00	Alpine Linux Importer	Fixing	VCID-exq5-cnrm-3uhd	https://secdb.alpinelinux.org/v3.21/main.json	38.0.0