URI Gem Userinfo Leakage Vulnerability in Ruby

Vulnerability

A vulnerability has been identified in the URI gem for Ruby, affecting versions prior to 1.0.3 (and the corresponding releases of the 0.11, 0.12 and 0.13 series). The issue arises in the URI resolution methods URI.join, URI#merge, and URI#+: when a base URL that carries userinfo (embedded credentials) is resolved against a reference that changes the host, the userinfo from the base is retained in the result instead of being dropped with the rest of the old authority. If the resulting URL is then fetched, the credentials are sent to the new host. An attacker who controls the reference (for example a redirect target or a link supplied to the application) can therefore direct credentials intended for the original host to a host of their choosing.

Impact

Exploitation of this vulnerability can lead to the unintentional disclosure of authentication credentials, such as user names and passwords embedded in a URL, to a third-party host.

Reproduction

To reproduce this vulnerability, use a URI gem version prior to the fixed releases (for example, any 1.0.x release before 1.0.3). Apply URI.join, URI#merge, or URI#+ to a base URL that includes userinfo (for example, a URL with embedded credentials of the form user:password) and a reference that replaces the host with an attacker-controlled one. Inspect the resulting URL: on an affected version the userinfo from the base is still present, and accessing that URL sends the credentials to the new host.

Remediation

Users are advised to upgrade the URI gem to version 0.11.3, 0.12.4, 0.13.2, or 1.0.3 or later, whichever is the fixed release of the series in use. Note that the uri gem is a default gem bundled with Ruby, so the version installed with the interpreter must be checked as well as any version pinned in a Gemfile.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 2.5
exploitability: 4.8
remediation: 7.7
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.