Lucene search
K

10 matches found

UbuntuCve
UbuntuCve
added 2026/01/30 9:15 p.m.3 views

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

9.2CVSS6.2AI score0.02388EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/12/10 11:15 p.m.12 views

CVE-2024-54133

Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting XSS vulnerability in the contentsecuritypolicy helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set...

2.3CVSS6.3AI score0.01009EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/10/16 9:15 p.m.12 views

CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS6.4AI score0.00944EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/10/16 9:15 p.m.20 views

CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

8.7CVSS6.4AI score0.00991EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/10/16 8:15 p.m.14 views

CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS6.4AI score0.01048EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/10/16 6:15 p.m.6 views

CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS6.4AI score0.01103EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2020/07/02 7:15 p.m.38 views

CVE-2020-8185

A denial of service vulnerability exists in Rails 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production...

6.5CVSS6.8AI score0.02181EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/12/29 4:29 p.m.45 views

CVE-2017-17917

SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted inpu...

8.1CVSS7.5AI score0.02264EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2016/02/16 2:59 a.m.32 views

CVE-2016-0752

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing...

7.5CVSS6.9AI score0.95537EPSS
Exploits11References3
UbuntuCve
UbuntuCve
added 2016/02/16 2:59 a.m.26 views

CVE-2015-7581

actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...

7.5CVSS7.1AI score0.06535EPSS
Exploits0References2
Rows per page
Query Builder