URI Credential Leakage Bypass over CVE-2025-27221_CVE-2025-61594

2.7 / 10

LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

Description

URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. Versions 0.12.5, 0.13.3, and 1.0.4 fix the issue.

Basic Information

ID CVE-2025-61594

Source GitHub_M

Published Dec 30, 2025 at 21:03

Modified Dec 30, 2025 at 21:29

Affected Product

Vendor ruby

Product uri

Affected Versions ruby uri 0
ruby uri 0.13.0
ruby uri 1.0.0

CWE Classification

CWE-212

References

{
    "lastseen": "",
    "description": "URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. Versions 0.12.5, 0.13.3, and 1.0.4 fix the issue.",
    "published": "2025-12-30T21:03:08.990Z",
    "modified": "2025-12-30T21:29:39.048Z",
    "type": "cve",
    "title": "URI Credential Leakage Bypass over CVE-2025-27221",
    "source": "GitHub_M",
    "references": "https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\nhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/uri/CVE-2025-61594.yml\nhttps://github.com/ruby/uri/commit/7e521b2da0833d964aab43019e735aea674e1c2c\nhttps://github.com/ruby/uri/commit/20157e3e29b125ff41f1d9662e2e3b1d066f5902\nhttps://github.com/ruby/uri/commit/d3116ca66a3b1c97dc7577f9d2d6e353f391cd6a",
    "id": "CVE-2025-61594",
    "bulletinFamily": "",
    "cwe": [
        "CWE-212"
    ],
    "cvelist": null,
    "sourceData": "ruby uri 0\nruby uri 0.13.0\nruby uri 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 2.7,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "uri",
    "version": "0",
    "vendor": "ruby",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}