CVE-2026-38969

Publication date 3 July 2026

Last updated 4 July 2026


Ubuntu priority

Description

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.

Status

Package Ubuntu Release Status
ruby-webrick 26.04 LTS resolute
Needs evaluation
25.10 questing
Needs evaluation
24.04 LTS noble
Needs evaluation
22.04 LTS jammy
Needs evaluation


Access our resources on patching vulnerabilities