Vulnerabilities > Rubyonrails > Rails > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-04 | CVE-2024-28103 | Unspecified vulnerability in Rubyonrails Rails Action Pack is a framework for handling and responding to web requests. | 9.8 |
| 2019-03-27 | CVE-2019-5420 | Use of Insufficiently Random Values vulnerability in multiple products A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. | 9.8 |
| 2013-02-13 | CVE-2013-0277 | Remote Code Execution vulnerability in Ruby on Rails ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML. | 10.0 |