Filter
-Infinity
0
Trending
Debian LinuxA deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that…
9.8
First published (updated )
rubygems/activestoragePossible Sensitive Session Information Leak in Active Storage
5.3
EPSS
0.04%
First published (updated )
redhat/rubygem-railsInformation Exposure when using Puma with Rails
8
First published (updated )
Ruby on RailsRuby on Rails Directory Traversal Vulnerability
First published (updated )
Ruby on RailsRuby on Rails Directory Traversal Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Ruby on RailsUnspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.…
7.5
First published (updated )
Ruby on RailsThe (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Ruby on RailsA specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a sta…
7.5
First published (updated )
rubygems/actionpackA regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Sp…
7.5
First published (updated )
Ruby on Rails ActionPackAn open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redire…
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
rubygems/actionpackRails possible ReDoS vulnerability in Accept header parsing in Action Dispatch
7.5
EPSS
0.04%
First published (updated )
redhat/rubygem-rails-html-sanitizerrails-html-sanitizer contains an incomplete fix for an XSS vulnerability
6.1
First published (updated )
redhat/rubygem-rails-html-sanitizerPossible XSS vulnerability with certain configurations of rails-html-sanitizer
7.2
First published (updated )
rubygems/railsRails Possible XSS Vulnerability in Action Controller
6.1
EPSS
0.04%
First published (updated )
Ruby on Railsactionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, a…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Ruby on RailsThe decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ru…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Ruby on Railsactionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, a…
4.3
First published (updated )
rubygems/actionpackAction Pack is missing security headers on non-HTML responses
9.8
First published (updated )
redhat/railsExposure of sensitive information in Action Pack
7.4
First published (updated )
Ruby on RailsA open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a…
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.