472 matches found
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017610)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017610 advisory. The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action...
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017586 advisory. A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the redirect_to or polymorphic_url helper with untrusted...
RHCOS 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0698 advisory. - rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css (CVE-2013-1855) - rubygem-actionpack: sanitize_protocol: XSS...
OPENSUSE-SU-2026:10338-1 ruby4.0-rubygem-actionpack-8.0-8.0.3-1.3 on GA media
These are all security issues fixed in the ruby4.0-rubygem-actionpack-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...
EUVD-2021-0742
Malware in sbrugna...
EUVD-2021-1009
Malware in sbrugna...
EUVD-2022-7065
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service...
Linux Distros Unpatched Vulnerability : CVE-2020-8159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote...
openSUSE Security Advisory (SUSE-SU-2024:0103-1)
The remote host is missing an update for the...
ruby3.4-rubygem-actionpack-8.0-8.0.1-1.1 on GA media (moderate)
ruby3.4-rubygem-actionpack-8.0-8.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14671-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in...
OESA-2024-2465 rubygem-actionpack security update
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to...
OESA-2024-2411 rubygem-actionpack security update
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: Action Pack is a framework for handling and responding to web requests...
OPENSUSE-SU-2024:14472-1 ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 on GA media
These are all security issues fixed in the ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...
RHEL 6 / 7 : rh-ror42-rubygem-actionpack (RHSA-2019:1149)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1149 advisory. Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the vi...
SUSE SLES15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2024:3877-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3877-1 advisory. - CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller (bsc#1231729). - CVE-2024-42228: Fixed...
Security update for rubygem-actionpack-5_1
This update for rubygem-actionpack-5_1 fixes the following issues: CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller (bsc#1231729). CVE-2024-42228: Fixed uninitialized value size when calling amdgpu_vce_cs_reloc (bsc#1228667). Patch Instructions: To instal...
SUSE-SU-2024:3877-1 Security update for rubygem-actionpack-5_1
This update for rubygem-actionpack-5_1 fixes the following issues: - CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller (bsc#1231729). - CVE-2024-42228: Fixed uninitialized value size when calling amdgpu_vce_cs_reloc (bsc#1228667)...
CVE-2024-41128
A flaw was found in rubygem actionpack. Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a denial of service...
RHSA-2013:0698 Red Hat Security Advisory: rubygem-actionpack and ruby193-rubygem-actionpack security update
Bulletin has no description...