Lucene search
+L

211 matches found

Github Security Blog
Github Security Blog
added 2026/03/23 9:17 p.m.9 views

Rails Active Storage has possible Path Traversal in DiskService

Impact Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences e.g. ../ is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are...

9.8CVSS5.4AI score0.00567EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2026/03/23 9:17 p.m.3 views

GHSA-9XRJ-H377-FR87 Rails Active Storage has possible Path Traversal in DiskService

Impact Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences e.g. ../ is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are...

9.3CVSS5.9AI score0.00567EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/03/23 9:8 p.m.9 views

Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests

Impact When serving files through Active Storage's Blobs::ProxyController, the controller loads the entire requested byte range into memory before sending it. A request with a large or unbounded Range header e.g. bytes=0- could cause the server to allocate memory proportional to the file size,...

8.7CVSS5.3AI score0.0061EPSS
Exploits0References10Affected Software1
EUVD
EUVD
added 2026/03/23 9:8 p.m.5 views

EUVD-2026-14628

Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests...

8.7CVSS5.8AI score0.0061EPSS
Exploits0References7
OSV
OSV
added 2026/03/23 9:8 p.m.5 views

GHSA-R46P-8F7G-VVVG Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests

Impact When serving files through Active Storage's Blobs::ProxyController, the controller loads the entire requested byte range into memory before sending it. A request with a large or unbounded Range header e.g. bytes=0- could cause the server to allocate memory proportional to the file size,...

8.7CVSS5.8AI score0.0061EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/03/23 8:54 p.m.9 views

Rails Active Storage has possible content type bypass via metadata in direct uploads

Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...

5.3CVSS5.4AI score0.0039EPSS
Exploits0References10Affected Software1
EUVD
EUVD
added 2026/03/23 8:54 p.m.5 views

EUVD-2026-14626

Rails Active Storage has possible content type bypass via metadata in direct uploads...

5.3CVSS5.8AI score0.0039EPSS
Exploits0References7
OSV
OSV
added 2026/03/23 8:54 p.m.4 views

GHSA-QCFX-2MFW-W4CG Rails Active Storage has possible content type bypass via metadata in direct uploads

Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...

5.3CVSS5.9AI score0.0039EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.8 views

Rails 路径遍历漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1 contained a path traversal vulnerability. This vulnerability stemmed from the lack of verificatio...

9.8CVSS5.8AI score0.00567EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.8 views

PT-2026-27259

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage in Rails applications allows users to attach files from cloud and local sources. Prior to versions 8.1.2.1, 8.0.4.1, and...

5.3CVSS5.9AI score0.0039EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27260

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage in Rails applications allows users to attach cloud and local files. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the...

8.7CVSS5.8AI score0.0061EPSS
Exploits0References21
RubySec
RubySec
added 2026/03/23 12:0 a.m.10 views

Rails Active Storage has possible glob injection in its DiskService

Impact Active Storage's DiskServicedeleteprefixed passes blob keys directly to Dir.glob without escaping glob metacharacters. If a blob key contains attacker-controlled input or custom-generated keys with glob metacharacters, it may be possible to delete unintended files from the storage director...

9.1CVSS5.7AI score0.00646EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2026/03/23 12:0 a.m.10 views

Rails Active Storage has possible Path Traversal in DiskService

Impact Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences e.g. ../ is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are...

9.8CVSS5.9AI score0.00567EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2026/03/23 12:0 a.m.11 views

Rails Active Storage has possible content type bypass via metadata in direct uploads

Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...

5.3CVSS5.9AI score0.0039EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2026/03/23 12:0 a.m.14 views

Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests

Impact When serving files through Active Storage's Blobs::ProxyController, the controller loads the entire requested byte range into memory before sending it. A request with a large or unbounded Range header e.g. bytes=0- could cause the server to allocate memory proportional to the file size,...

8.7CVSS5.8AI score0.0061EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27263

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage enables users to attach cloud and local files within Rails applications. A flaw exists in the DiskServicedelete prefixed...

9.1CVSS5.8AI score0.00646EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.8 views

Rails 注入漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. There were injection vulnerabilities in versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stemmed from the direct passing of...

9.1CVSS5.8AI score0.00646EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.8 views

Rails 安全漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. There are security vulnerabilities in versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stem from the proxy controller loadi...

8.7CVSS5.8AI score0.0061EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.25 views

PT-2026-27262

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage in Rails applications allows users to attach cloud and local files. The DiskServicepath for function does not validate...

9.8CVSS5.9AI score0.00567EPSS
Exploits0References21
Hacker One
Hacker One
added 2026/03/02 7:38 a.m.17 views

Ruby on Rails: ActiveStorage Disk Service Path Traversal via Custom Blob Key Injection

A vulnerability was discovered in the ActiveStorage Disk Service component of Ruby on Rails. The vulnerability allowed an attacker to achieve arbitrary file write, read, and delete on the server's filesystem by injecting a malicious blob key. The vulnerability was due to insufficient validation o...

5.9AI score
Exploits0
Rows per page
Query Builder