Astra Linux - уязвимость в rails

A potential information disclosure/vulnerability in Action Pack = 2.0.0, where using the redirectto or polymorphicurl helper with untrusted user input may lead to unintended method executions...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017586 advisory. A possible information disclosure / unintended method execution vulnerability in Action Pack = 2.0.0 when using the redirectto or polymorphicurlhelper with untrusted...

Linux Distros Unpatched Vulnerability : CVE-2021-22885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A possible information disclosure / unintended method execution vulnerability in Action Pack = 2.0.0 when using the redirectto or polymorphicurlhelper with...

SUSE CVE-2021-22885

A possible information disclosure / unintended method execution vulnerability in Action Pack = 2.0.0 when using the redirectto or polymorphicurlhelper with untrusted user input...

OESA-2021-1236 rubygem-actionpack security update

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A possible information disclosure/unintended method execution vulnerability...

DEBIAN-CVE-2021-22885

A possible information disclosure / unintended method execution vulnerability in Action Pack = 2.0.0 when using the redirectto or polymorphicurlhelper with untrusted user input...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. There is a possible information exposure / unintended method execution when using the redirectto or polymorphicurl helper with untrusted user input. This arises because urlfor supports building polymorphic URLs via...