Skip to content

CVE-2026-38969 GHSA-h4w6-wx8r-p68v #211

Description

@phoenix-gi

There is vulnerability:

bundle exec bundle-audit check --update

Updating ruby-advisory-db ...
From https://github.com/rubysec/ruby-advisory-db
 * branch            master     -> FETCH_HEAD
Already up to date.
Updated ruby-advisory-db
ruby-advisory-db:
  advisories:   1193 advisories
  last updated: 2026-07-06 09:49:20 -0400
  commit:       150311af4c8161152909f4f004987461fa455e92
Name: webrick
Version: 1.9.2
CVE: CVE-2026-38969
GHSA: GHSA-h4w6-wx8r-p68v
Criticality: Unknown
URL: https://nvd.nist.gov/vuln/detail/CVE-2026-38969
Title: ruby webrick through v1.9.2 WEBrick reparses trailer
Solution: remove or disable this gem until a patch is available!

Vulnerabilities found!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions