Vulnerabilities > Rubyonrails > Rails > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-14 | CVE-2006-4112 | Denial of Service vulnerability in Ruby on Rails Routing Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111. | 7.5 |
| 2006-08-14 | CVE-2006-4111 | Code Injection vulnerability in Rubyonrails Rails and Ruby ON Rails Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112. | 7.5 |