addressable

RubyGems2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting addressablepage 1 of 1

CVE-2021-32740HIGHCVSS 7.5EG 7.5✓ Fixed in 2.8.0
2021-07-06
vulnerable: 2.3.2 ... 2.7.0 (13 versions)
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template im…
CVE-2026-35611HIGHCVSS 7.5EG 7.5✓ Fixed in 2.9.0
2026-04-07
vulnerable: 2.3.2 ... 2.8.9 (24 versions)
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular…

Check whether addressable is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for addressable CVEs against the assets you own.

Start Free Scan →