Linux Distros Unpatched Vulnerability : CVE-2021-22885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A possible information disclosure / unintended method execution vulnerability in Action Pack = 2.0.0 when using the redirectto or polymorphicurlhelper with...

Rails Action Pack 输入验证错误漏洞

Rails Action Pack is a web framework for the Rails community in the United States . It provides a mechanism for routing mapping request URLs to actions, defining controllers that implement actions, and generating responses by rendering views templates in various formats. An input validation error...

rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

The decodecredentials method in actionpack/lib/actioncontroller/metal/httpauthentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging...