diff --git a/rubies/ruby/CVE-2011-3624.yml b/rubies/ruby/CVE-2011-3624.yml new file mode 100644 index 0000000000..15dceb4f3b --- /dev/null +++ b/rubies/ruby/CVE-2011-3624.yml @@ -0,0 +1,29 @@ +--- +engine: ruby +cve: 2011-3624 +ghsa: rc82-v3mm-rhj2 +url: https://nvd.nist.gov/vuln/detail/CVE-2011-3624 +title: WEBrick::HTTPRequest X-Forwarded-* allows arbitrary data +date: 2019-11-25 +description: | + Various methods in WEBrick::HTTPRequest do not validate the + X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in + requests, which might allow remote attackers to inject arbitrary text + into log files or bypass intended address parsing via a crafted header. +cvss_v2: 5.0 +cvss_v3: 5.3 +patched_versions: + - ">= 3.0.0" +related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2011-3624 + - https://www.ruby-lang.org/en/news/2020/12/25/ruby-3-0-0-released + - https://github.com/ruby/ruby/blob/v3_0_0/NEWS.md + - https://bugs.ruby-lang.org/issues/17303 + - https://raw.githubusercontent.com/ruby/ruby/refs/heads/ruby_1_9_2/ChangeLog + - https://access.redhat.com/security/cve/cve-2011-3624 + - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624 + - https://security-tracker.debian.org/tracker/CVE-2011-3624 + - https://github.com/advisories/GHSA-rc82-v3mm-rhj2 +notes: | + - Ruby 3.0.0 was the release when webrick was moved into a separate gem.
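Review bot: the `patched_versions` entry (`- ">= 3.0.0"`) is not justified by the record itself: the `notes` block only says "Ruby 3.0.0 was the release when webrick was moved into a separate gem", and moving WEBrick out of the default gems is a relocation, not a fix for the X-Forwarded-* header handling the description reports. Please either cite the release or commit in which WEBrick actually started validating those headers (the `ruby_1_9_2` ChangeLog link under `related.url` suggests the change predates 3.0), or state in `notes` that the `>= 3.0.0` bound reflects the engine no longer shipping WEBrick and that the webrick gem's own versions need a separate entry. Two smaller points in the same hunk: the `related.url` list repeats the top-level `url` (`https://nvd.nist.gov/vuln/detail/CVE-2011-3624`), and the `https://raw.githubusercontent.com/ruby/ruby/refs/heads/ruby_1_9_2/ChangeLog` link points at a branch head rather than a tag, so it will silently change if the branch moves.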