Filters
Versions
3.0.0
42
3.0.0-beta
37
3.0.0-beta2
37
3.0.0-beta3
37
3.0.0-beta4
37
3.0.0-rc
37
3.0.0-rc2
37
3.0.1
37
3.0.2
37
3.0.3
37
3.0.4-rc1
37
3.0.1-pre
36
3.0.2-pre
36
3.1.0
35
3.0.5
34
3.1.0-beta1
34
3.1.0-rc1
34
3.0.5-rc1
33
3.0.6
33
3.0.6-rc1
33
3.0.6-rc2
33
3.0.7
33
3.0.7-rc1
33
3.0.7-rc2
33
3.0.8-rc1
33
3.0.8-rc2
33
3.0.8-rc3
33
3.0.8-rc4
33
3.1.0-rc2
33
3.1.0-rc3
33
3.1.0-rc4
33
3.0.10-rc1
32
3.0.8
32
3.0.9
32
3.0.9-rc1
32
3.0.9-rc2
32
3.0.9-rc3
32
3.0.9-rc4
32
3.0.9-rc5
32
3.2.0
32
3.1.0-rc5
30
3.2.1
30
3.1.0-rc6
29
3.1.0-rc7
29
3.1.0-rc8
29
3.1.1
29
3.1.1-rc1
29
3.1.1-rc2
29
3.1.1-rc3
29
3.2.0-rc1
29
3.2.0-rc2
29
3.2.2-rc1
29
3.0.10
28
3.1.2
28
3.1.2-rc1
28
3.1.2-rc2
28
3.1.3
28
3.1.4-rc1
28
3.2.2
28
3.2.3
28
3.0.11
27
3.0.12-rc1
27
3.2.3-rc1
27
3.2.3-rc2
27
3.2.4-rc1
27
3.1.4
26
3.1.5-rc1
26
3.2.4
26
3.2.5
26
3.0.12
25
3.0.13-rc1
25
3.1.5
24
3.2.6
24
2.3.2
23
2.3.3
23
3.1.6
22
3.2.7
22
2.3.4
21
2.3.9
21
3.0.13
21
3.0.14
21
2.3.10
20
3.1.7
20
4.0.0
20
4.0.0-beta
20
4.0.0-rc1
20
4.0.0-rc2
20
4.0.1
20
4.0.1-rc1
20
2.1.0
19
3.2.8
19
2.3.11
18
3.2.10
18
3.2.11
18
2.0.0
17
2.1.1
17
2.3.12
17
3.0.16
17
3.1.8
17
3.2.9
17
2.0.0-rc1
16
2.0.0-rc2
16
2.0.1
16
2.0.2
16
2.1.2
16
2.2.0
16
2.2.1
16
3.1.10
16
3.1.9
16
3.2.12
16
4.1.0
16
2.0.4
15
2.2.2
15
3.0.17
15
3.0.18
15
3.0.19
15
4.0.1-rc2
15
4.0.1-rc3
15
4.0.1-rc4
15
4.0.2
15
4.1.0-beta1
15
3.0.20
14
4.1.1
14
4.1.2
14
4.0.3
13
4.0.4
13
4.1.3
13
4.1.4
13
4.2.0
13
4.2.0-beta1
13
4.2.1
13
6.0.0
13
4.0.5
12
4.0.6
12
4.0.6-rc1
12
4.0.6-rc2
12
4.0.6-rc3
12
4.1.2-rc1
12
4.1.2-rc2
12
4.1.2-rc3
12
4.1.5
12
1.1.0
11
1.1.1
11
1.1.2
11
1.1.3
11
3.2.13-rc1
11
3.2.13-rc2
11
4.0.7
11
4.0.8
11
4.1.7
11
4.2.0-beta2
11
4.2.2
11
4.2.3
11
4.2.4
11
4.2.5
11
0.10.0
10
0.10.1
10
0.11.0
10
0.11.1
10
0.12.0
10
0.12.1
10
0.13.0
10
0.13.1
10
0.14.1
10
0.14.2
10
0.14.3
10
0.14.4
10
0.9.1
10
0.9.2
10
0.9.3
10
0.9.4
10
0.9.4.1
10
1.0.0
10
1.1.4
10
1.1.5
10
4.0.10-rc1
10
4.0.9
10
4.1.6-rc1
10
4.1.8
10
4.2.0-beta3
10
4.2.3-rc1
10
4.2.4-rc1
10
4.2.5-rc1
10
4.2.5-rc2
10
5.0.0-beta1
10
1.1.6
9
1.2.0
9
1.2.1
9
1.2.2
9
1.2.3
9
1.2.4
9
1.2.5
9
1.2.6
9
1.9.5
9
2.3.0
9
2.3.1
9
2.3.13
9
2.3.14
9
2.3.15
9
4.2.0-beta4
9
4.2.0-rc1
9
4.2.0-rc2
9
4.2.0-rc3
9
4.2.1-rc1
9
4.2.1-rc2
9
4.2.1-rc3
9
4.2.1-rc4
9
2.3.16
8
3.2.13
8
6.1.0
8
3.2.15-rc3
7
4.1.6
7
3.2.16
6
4.0.10
6
4.2.5.1
6
7.0.0
6
3.2.17
5
4.0.4-rc1
5
4.1.0-beta2
5
4.1.0-rc1
5
4.1.0-rc2
5
4.1.10
5
4.1.10-rc1
5
4.1.10-rc2
5
4.1.10-rc3
5
4.1.10-rc4
5
4.1.12
5
4.1.12-rc1
5
4.1.13
5
4.1.13-rc1
5
4.1.14-rc1
5
4.1.14-rc2
5
4.1.6-rc2
5
4.1.7.1
5
4.1.9
5
4.1.9-rc1
5
4.2.5.2
5
4.2.6-rc1
5
5.0.0
5
3.2.15
4
3.2.18
4
4.1.14
4
5.0.0-beta1.1
4
5.0.0-beta2
4
5.0.0-beta3
4
5.2.0
4
5.1.0
3
4.2.6
2
4.2.7
2
4.2.7-rc1
2
5.1.4
2
7.1.0
2
7.2.0-beta1
2
1.9.3
1
2.3
1
2.3.18
1
3.1.12
1
3.2.21
1
3.2.22.2
1
3.2.7-rc1
1
3.2.8-rc1
1
3.2.8-rc2
1
3.2.9-rc1
1
3.2.9-rc2
1
3.2.9-rc3
1
4.1.14.2
1
4.1.15
1
4.1.15-rc1
1
4.1.16
1
4.1.16-rc1
1
5.0.0-beta4
1
5.0.0-rc1
1
5.0.0-rc2
1
5.2.0.0
1
5.2.5
1
6.0.0-beta1
1
6.0.0-beta2
1
6.0.0.0
1
6.0.4.2
1
6.1.0-rc2
1
6.1.0.0
1
6.1.1
1
6.1.4.2
1
7.0.0-rc2
1
rubygems/actiontextActionText ContentAttachment can Contain Unsanitized HTML
6.1
First published (updated )
rubygems/actionpackAction Pack is missing security headers on non-HTML responses
9.8
First published (updated )
Actionpack Project ActionpackAn open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redire…
6.1
First published (updated )
Rubyonrails RailsA specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a sta…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails RailsA regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Sp…
7.5
First published (updated )
Rubyonrails RailsRuby on Rails _table.html.erb cross site scripting
5.4
First published (updated )
rubygems/actionpackExposure of sensitive information in Action Pack
7.4
First published (updated )
Rubyonrails RailsInformation Exposure when using Puma with Rails
8
First published (updated )
Rubyonrails RailsA open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a…
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
debian/railsA possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 …
6.1
First published (updated )
Rubyonrails RailsThe actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Speciall…
6.1
First published (updated )
rubygems/actionpackA flaw was found in RubyGem Actionpack which is framework for handling and responding to web request…
7.5
First published (updated )
rubygems/actionpackA flaw was found in RubyGem Actionpack which is framework for handling and responding to web request…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails RailsCVE-2021-22881
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails RailsA denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any…
6.5
First published (updated )
Debian Debian LinuxA deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which c…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Debian Debian LinuxA deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that…
9.8
First published (updated )
Debian Debian LinuxThe encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails RailsA Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft us…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails RailsRuby on Rails Directory Traversal Vulnerability
First published (updated )
Rubyonrails RailsActive Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta…
5.3
First published (updated )
Rubyonrails RailsThe http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authenticatio…
4.3
First published (updated )
Rubyonrails Railsactionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Rubyonrails Railsactionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5…
7.5
First published (updated )
Rubyonrails Railsactiverecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.…
5.3
First published (updated )
Rubyonrails RailsThe (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.