Vulnerabilities > Rubyonrails > Rails > 6.1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-04 | CVE-2024-28103 | Unspecified vulnerability in Rubyonrails Rails Action Pack is a framework for handling and responding to web requests. | 9.8 |
| 2024-02-27 | CVE-2024-26144 | Unspecified vulnerability in Rubyonrails Rails Rails is a web-application framework. | 5.3 |
| 2023-02-09 | CVE-2023-22792 | Unspecified vulnerability in Rubyonrails Rails A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. | 7.5 |
| 2023-02-09 | CVE-2023-22795 | A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. | 7.5 |
| 2022-02-11 | CVE-2022-23634 | Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. | 5.9 |
| 2022-02-11 | CVE-2022-23633 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Action Pack is a framework for handling and responding to web requests. | 5.9 |
| 2021-10-18 | CVE-2021-22942 | Open Redirect vulnerability in Rubyonrails Rails A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website. | 6.1 |
| 2021-06-11 | CVE-2021-22903 | Open Redirect vulnerability in Rubyonrails Rails The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. | 6.1 |
| 2021-06-11 | CVE-2021-22904 | Unspecified vulnerability in Rubyonrails Rails The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. | 7.5 |
| 2021-05-27 | CVE-2021-22885 | Information Exposure Through an Error Message vulnerability in multiple products A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input. | 7.5 |