UpgradeRuby.com

The go-to resource for upgrading Ruby, Rails, and your dependencies.

Posts Tagged: c-extensions

Understanding CVE-2008-2664: Unsafe Use of alloca in Ruby's rb_str_format

An in-depth look at CVE-2008-2664, a high-severity vulnerability in Ruby involving unsafe use of alloca in rb_str_format.

Mar 15, 2026

rubysecuritycvevulnerabilityc-extensions