Vulnerabilities > Rubyonrails > Actionpack Page Caching
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2021-22885 | Information Exposure Through an Error Message vulnerability in multiple products A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input. | 5.0 |
| 2020-05-12 | CVE-2020-8159 | Path Traversal vulnerability in multiple products There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view. | 9.8 |