9803 matches found

RedhatCVE
added 2026/03/24 11:2 a.m. | 6 views

CVE-2026-33195

A flaw was found in Active Storage, a component of Rails applications that manages file attachments. This vulnerability allows an attacker to manipulate file paths by using specially crafted input in blob keys. This manipulation can lead to unauthorized reading, writing, or deletion of arbitrary...

CVSS 9.8 | AI score 5.8 | EPSS 0.00567
Exploits 0 | References 10
RedhatCVE
added 2026/03/24 10:55 a.m. | 10 views

CVE-2026-33173

A flaw was found in Rails Active Storage. A remote attacker, acting as a direct-upload client, can exploit this vulnerability by manipulating metadata during file uploads. By setting internal flags, the attacker can bypass the system's automatic MIME (Multipurpose Internet Mail Extensions) type...

CVSS 7.6 | AI score 6 | EPSS 0.0039
Exploits 0 | References 10
RedhatCVE
added 2026/03/24 10:50 a.m. | 9 views

CVE-2026-33174

A flaw was found in Rails Active Storage. A remote attacker can exploit this vulnerability by sending a request with a large or unbounded Range header, such as bytes=0-, when files are served through Active Storage's proxy delivery mode. This action can cause the server to allocate memory...

CVSS 8.7 | AI score 5.7 | EPSS 0.0061
Exploits 0 | References 10
RedhatCVE
added 2026/03/24 10:2 a.m. | 7 views

CVE-2026-33170

A flaw was found in Active Support, a toolkit of support libraries for the Rails framework. When a SafeBuffer is modified in place and subsequently formatted with untrusted input, the @html_unsafe flag is not correctly propagated. This improper handling causes the buffer to incorrectly report as...

CVSS 6.1 | AI score 5.8 | EPSS 0.00327
Exploits 0 | References 10
NVD
added 2026/03/24 12:16 a.m. | 2 views

CVE-2026-33202

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskService#delete_prefixed passes blob keys directly to Dir.glob without escaping glob metacharacters. If a blob key contains attacker-controlled inp...

CVSS 9.1 | EPSS 0.00646
Exploits 0 | References 7
OSV
added 2026/03/24 12:16 a.m. | 3 views

DEBIAN-CVE-2026-33202

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskService#delete_prefixed passes blob keys directly to Dir.glob without escaping glob metacharacters. If a blob key contains attacker-controlled inp...

CVSS 9.1 | AI score 5.2 | EPSS 0.00646
Exploits 0 | References 1
NVD
added 2026/03/24 12:16 a.m. | 2 views

CVE-2026-33174

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when serving files through Active Storage's proxy delivery mode, the proxy controller loads the entire requested byte range into memory before sending it. A request...

CVSS 8.7 | EPSS 0.0061
Exploits 0 | References 7
NVD
added 2026/03/24 12:16 a.m. | 4 views

CVE-2026-33169

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. NumberToDelimitedConverter uses a lookahead-based regular expression with gsub! to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the interaction between th...

CVSS 6.9 | EPSS 0.00498
Exploits 0 | References 7
NVD
added 2026/03/24 12:16 a.m. | 6 views

CVE-2026-33176

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation (e.g. 1e10000), which BigDecimal expands into extremely large...

CVSS 8.7 | EPSS 0.0061
Exploits 0 | References 7
NVD
added 2026/03/24 12:16 a.m. | 3 views

CVE-2026-33173

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the...

CVSS 5.3 | EPSS 0.0039
Exploits 0 | References 7
OSV
added 2026/03/24 12:16 a.m. | 4 views

DEBIAN-CVE-2026-33173

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the...

CVSS 5.3 | AI score 5.6 | EPSS 0.0039
Exploits 0 | References 1
OSV
added 2026/03/24 12:16 a.m. | 6 views

DEBIAN-CVE-2026-33176

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation (e.g. 1e10000), which BigDecimal expands into extremely large...

CVSS 7.5 | AI score 4.7 | EPSS 0.0061
Exploits 0 | References 1
OSV
added 2026/03/24 12:16 a.m. | 5 views

DEBIAN-CVE-2026-33195

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskService#path_for does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...

CVSS 9.8 | AI score 5.5 | EPSS 0.00567
Exploits 0 | References 1
OSV
added 2026/03/24 12:16 a.m. | 5 views

DEBIAN-CVE-2026-33174

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when serving files through Active Storage's proxy delivery mode, the proxy controller loads the entire requested byte range into memory before sending it. A request...

CVSS 7.5 | AI score 5.4 | EPSS 0.0061
Exploits 0 | References 1
OSV
added 2026/03/24 12:16 a.m. | 6 views

DEBIAN-CVE-2026-33169

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. NumberToDelimitedConverter uses a lookahead-based regular expression with gsub! to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the interaction between th...

CVSS 5.3 | AI score 4.4 | EPSS 0.00498
Exploits 0 | References 1
NVD
added 2026/03/24 12:16 a.m. | 4 views

CVE-2026-33195

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskService#path_for does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...

CVSS 9.8 | EPSS 0.00567
Exploits 0 | References 10
OSV
added 2026/03/24 12:16 a.m. | 5 views

UBUNTU-CVE-2026-33176

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation (e.g. 1e10000), which BigDecimal expands into extremely large...

CVSS 8.7 | AI score 5.8 | EPSS 0.0061
Exploits 0 | References 9
UbuntuCve
added 2026/03/24 12:16 a.m. | 10 views

CVE-2026-33173

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the...

CVSS 5.3 | AI score 6 | EPSS 0.0039
Exploits 0 | References 8
UbuntuCve
added 2026/03/24 12:16 a.m. | 3 views

CVE-2026-33202

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskService#delete_prefixed passes blob keys directly to Dir.glob without escaping glob metacharacters. If a blob key contains attacker-controlled inp...

CVSS 9.1 | AI score 5.8 | EPSS 0.00646
Exploits 0 | References 8
UbuntuCve
added 2026/03/24 12:16 a.m. | 3 views

CVE-2026-33170

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, SafeBuffer#% does not propagate the @html_unsafe flag to the newly created buffer. If a SafeBuffer is mutated in place (e.g. via gsub!) and th...

CVSS 6.1 | AI score 5.9 | EPSS 0.00327
Exploits 0 | References 8