Debian Ruby-Addressable vulnerabilities
2 known vulnerabilities affecting debian/ruby-addressable.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown
HIGH: 2
Vulnerabilities
CVE-2026-35611 | HIGH | CVSS 7.5 | 2026
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking. Templates using the * (explode) modifier with any expansion operat
debian
CVE-2021-32740 | HIGH | CVSS 7.5 | fixed in ruby-addressable 2.7.0-2 (bookworm) | 2021
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource consumption, leading to
debian