PT-2026-29962 — Uri+2 Uri+4

PT-2026-29962 · Uri+2 · Uri+4

Published

2026-03-31

Updated

2026-03-31

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Ruby URI gem (affected versions not specified)

Description The Ruby URI gem did not properly handle sensitive information when combining URIs. This could allow a remote attacker to leak authentication credentials.

Recommendations Run sudo pro fix USN-8137-1 to fix the vulnerability. Update to libruby2.7 - 2.7.0-5ubuntu1.18+esm4. Update to ruby2.7 - 2.7.0-5ubuntu1.18+esm4. Update to ruby2.7-dev - 2.7.0-5ubuntu1.18+esm4. Update to ruby2.7-doc - 2.7.0-5ubuntu1.18+esm4.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

USN-8137-1

Affected Products

Uri

Libruby2.7

Ruby2.7

Ruby2.7-Dev

Ruby2.7-Doc