Skip to content

Commit e8607af

Browse files
toddsiegelpostmodern
toddsiegel
and
postmodern
authored
Added the patched version of ~> 1.10.5 for CVE-2026-25765 (#992)
* The fix for CVE-2026-25765 was backported to the 1.x version family. See: * lostisland/faraday@d0fc049beb * GHSA-33mh-2634-fwr2 --------- Co-authored-by: Postmodern <postmodern.mod3@gmail.com>
1 parent a888ef6 commit e8607af

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

gems/faraday/CVE-2026-25765.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,14 +61,17 @@ description: |
6161
```
6262
cvss_v3: 5.8
6363
patched_versions:
64+
- "~> 1.10.5"
6465
- ">= 2.14.1"
6566
related:
6667
url:
6768
- https://nvd.nist.gov/vuln/detail/CVE-2026-25765
6869
- https://github.com/lostisland/faraday/security/advisories/GHSA-33mh-2634-fwr2
6970
- https://github.com/lostisland/faraday/releases/tag/v2.14.1
71+
- https://github.com/lostisland/faraday/releases/tag/v1.10.5
7072
- https://github.com/lostisland/faraday/pull/1569
7173
- https://github.com/lostisland/faraday/commit/a6d3a3a0bf59c2ab307d0abd91bc126aef5561bc
74+
- https://github.com/lostisland/faraday/commit/d0fc049beb0b0e4e3bd4a52711189130bba7c5f4
7275
- https://www.rfc-editor.org/rfc/rfc3986#section-5.2.2
7376
- https://www.rfc-editor.org/rfc/rfc3986#section-5.4
7477
- https://advisories.gitlab.com/pkg/gem/faraday/CVE-2026-25765

0 commit comments

Comments
 (0)