Vulnerabilities > Rubyonrails
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-04 | CVE-2024-28103 | Unspecified vulnerability in Rubyonrails Rails Action Pack is a framework for handling and responding to web requests. | 9.8 |
| 2024-06-04 | CVE-2024-32464 | Cross-site Scripting vulnerability in Rubyonrails Rails Action Text brings rich text content and editing to Rails. | 6.1 |
| 2023-02-09 | CVE-2023-22792 | Unspecified vulnerability in Rubyonrails Rails A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. | 7.5 |
| 2023-02-09 | CVE-2023-22795 | A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. | 7.5 |
| 2023-02-09 | CVE-2023-22797 | Open Redirect vulnerability in multiple products An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. | 6.1 |
| 2023-02-09 | CVE-2023-22799 | Unspecified vulnerability in Rubyonrails Globalid A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. | 7.5 |
| 2022-12-14 | CVE-2022-23520 | Cross-site Scripting vulnerability in multiple products rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. | 6.1 |
| 2022-12-14 | CVE-2022-23517 | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. | 7.5 |
| 2022-12-14 | CVE-2022-23518 | Cross-site Scripting vulnerability in multiple products rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. | 6.1 |
| 2022-12-14 | CVE-2022-23519 | Cross-site Scripting vulnerability in multiple products rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. | 6.1 |