ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.
{ "binaries": [ { "binary_name": "ruby-webrick", "binary_version": "1.7.0-3ubuntu0.2" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-38969.json"
{ "binaries": [ { "binary_name": "ruby-webrick", "binary_version": "1.8.1-1ubuntu0.2" } ] }
{ "binaries": [ { "binary_name": "ruby-webrick", "binary_version": "1.9.1-1" } ] }
{ "binaries": [ { "binary_name": "ruby-webrick", "binary_version": "1.9.2-1" } ] }