The Transition of RubyGems Repository Ownership
Dear Ruby community,
Posted by matz on 17 Oct 2025
We published security advisory for CVE-2025-61594.
Posted by hsbt on 7 Oct 2025
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2025-58767. We strongly recommend upgrading the REXML gem.
Posted by naitoh on 18 Sep 2025
A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby.
This vulnerability has been assigned the CVE identifier CVE-2025-24294.
We recommend upgrading the resolv gem.
Posted by mame on 8 Jul 2025
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-43857. We recommend upgrading the net-imap gem.
Posted by nevans on 28 Apr 2025
We are pleased to announce the release of Ruby 3.5.0-preview1. Ruby 3.5 updates its Unicode version to 15.1.0, and so on.
Posted by naruse on 18 Apr 2025
Ruby 3.2.8 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes.
Posted by hsbt on 26 Mar 2025
Ruby 3.1.7 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes and update bundled REXML and RSS gems.
Posted by hsbt on 26 Mar 2025
We published security advisories for CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221. Please read the details below.
Posted by hsbt on 26 Feb 2025
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-25186. We recommend upgrading the net-imap gem.
Posted by nevans on 10 Feb 2025