Lucene search
+L

6 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/05/18 12:0 a.m.6 views

ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media (moderate)

ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media Announcement ID: openSUSE-SU-2025:15113-1 Rating: moderate Cross-References: CVE-2022-21831 CVSS scores: CVE-2022-21831 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves on...

9.8CVSS7.5AI score0.02742EPSS
Exploits0
Debian
Debian
added 2023/03/13 3:6 a.m.195 views

[SECURITY] [DSA 5372-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5372-1 [email protected] https://www.debian.org/security/ Aron Xu March 13, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

9.8CVSS7.8AI score0.04182EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.4 views

SUSE CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

9.8CVSS6.2AI score0.02742EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/21 9:32 a.m.43 views

Security Bulletin: A security vulnerability in Ruby on Rails affects IBM Cloud Pak for Multicloud Management Infrastructure Management [CVE-2022-21831]

Summary A security vulnerability in Ruby on Rails affects IBM Cloud Pak for Multicloud Management Infrastructure Management CVE-2022-21831 Vulnerability Details CVEID:CVE-2022-21831 DESCRIPTION: Ruby on Rails Active Storage module could allow a remote attacker to execute arbitrary code on the...

9.8CVSS9.7AI score0.02742EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2022/07/27 8:3 p.m.108 views

Internet Bug Bounty: CVE-2022-21831: Possible code injection vulnerability in Rails / Active Storage

Original report: https://hackerone.com/reports/1154034 Rails advisory: https://discuss.rubyonrails.org/t/cve-2022-21831-possible-code-injection-vulnerability-in-rails-active-storage/80199 Blogpost:...

6.8CVSS8.9AI score0.02742EPSS
Exploits0
CVE
CVE
added 2022/05/26 12:0 a.m.301 views

CVE-2022-21831

CVE-2022-21831 affects Ruby on Rails’ Active Storage (Rails >= 5.2.0). The vulnerability arises from a code-injection in the image_processing backend (mini_magick), allowing remote code execution via crafted image_processing arguments. Impact is High (CVE describes RCE; CVSSv3.1 base score 9.8...

9.8CVSS9.4AI score0.02742EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder