org.jruby:jruby-parent (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.jruby:jruby-parent, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2011-5036 — CVSS 5.0 (medium): Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to…
CVE-2012-5370 — CVSS 5.0 (medium): JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent…