Vulnerabilities > Rubyonrails

DATE CVE VULNERABILITY TITLE RISK
2024-06-04 CVE-2024-28103 Unspecified vulnerability in Rubyonrails Rails
Action Pack is a framework for handling and responding to web requests.
network
low complexity
rubyonrails
critical
9.8
2024-06-04 CVE-2024-32464 Cross-site Scripting vulnerability in Rubyonrails Rails
Action Text brings rich text content and editing to Rails.
network
low complexity
rubyonrails CWE-79
6.1
2023-02-09 CVE-2023-22792 Unspecified vulnerability in Rubyonrails Rails
A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1.
network
low complexity
rubyonrails
7.5
2023-02-09 CVE-2023-22795 A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header.
network
low complexity
rubyonrails debian
7.5
2023-02-09 CVE-2023-22797 Open Redirect vulnerability in multiple products
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input.
network
low complexity
rubyonrails actionpack-project CWE-601
6.1
2023-02-09 CVE-2023-22799 Unspecified vulnerability in Rubyonrails Globalid
A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time.
network
low complexity
rubyonrails
7.5
2022-12-14 CVE-2022-23520 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian
6.1
2022-12-14 CVE-2022-23517 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian
7.5
2022-12-14 CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian loofah-project
6.1
2022-12-14 CVE-2022-23519 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian CWE-79
6.1