UpgradeRuby.com

The go-to resource for upgrading Ruby, Rails, and your dependencies.

Posts Tagged: cve-2008-3655

Understanding CVE-2008-3655: Multiple Insufficient $SAFE Level Restrictions in Ruby

An in-depth analysis of CVE-2008-3655, a vulnerability in early Ruby versions where incomplete $SAFE level checks allowed attackers to bypass sandbox restrictions.

Mar 15, 2026

rubysecuritycvecve-2008-3655sandboxvulnerability