Vulnerabilities > Rubyonrails > Rails > 7.0.2.2

DATE CVE VULNERABILITY TITLE RISK
2024-06-04 CVE-2024-28103 Unspecified vulnerability in Rubyonrails Rails
Action Pack is a framework for handling and responding to web requests.
network
low complexity
rubyonrails
critical
 9.8
9.8
2024-02-27 CVE-2024-26143 Cross-site Scripting vulnerability in Rubyonrails Rails
Rails is a web-application framework.
network
low complexity
rubyonrails CWE-79
6.1
6.1
2024-02-27 CVE-2024-26144 Unspecified vulnerability in Rubyonrails Rails
Rails is a web-application framework.
network
low complexity
rubyonrails
5.3
5.3
2023-02-09 CVE-2023-22792 Unspecified vulnerability in Rubyonrails Rails
A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1.
network
low complexity
rubyonrails
7.5
7.5
2023-02-09 CVE-2023-22795 A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header.
network
low complexity
rubyonrails debian
7.5
7.5
2023-02-09 CVE-2023-22797 Open Redirect vulnerability in multiple products
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input.
network
low complexity
rubyonrails actionpack-project CWE-601
6.1
6.1