13 matches found
GHSA-2J22-PR5W-6GQ8 vulnerabilities
Vulnerabilities for packages: ruby3.3-rails, ruby3.2-rails, ruby4.0-rails, ruby3.4-rails...
Rails security vulnerabilities
Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Vulnerabilities exist in versions of Rails prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stem from a problem with regular expressions that involves...
[SECURITY] [DLA 4416-1] rails security update
Debian LTS Advisory DLA-4416-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès December 21, 2025 https://wiki.debian.org/LTS ...
Debian dla-4383 : rails - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4383 advisory. Debian LTS Advisory DLA-4383-1 [email protected]...
ROS-20250625-03
Vulnerability of each_pair function from strong_parameters.rb of Ruby on Rails software platform is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential data. Vulnerability in Ruby on Rails software...
GHSA-5W6V-399V-W3CC vulnerabilities
Vulnerabilities for packages: ruby3.4-rails...
GHSA-MRXW-MXHJ-P664 vulnerabilities
Vulnerabilities for packages: ruby3.3-rails, ruby3.2-rails, ruby3.4-rails...
Debian dsa-5881 : rails - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5881 advisory. Debian Security Advisory DSA-5881-1 [email protected] https://www.debian.org/securit...
USN-7290-1: Rails vulnerabilities
It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker could possibly use this issue to cause a denial of service. CVE-2024-47889 It was discovered that Rails did not correctly handle parsing block quotes in rich text content. An attacker...
USN-7290-1 rails vulnerabilities
It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker could possibly use this issue to cause a denial of service. CVE-2024-47889 It was discovered that Rails did not correctly handle parsing block quotes in rich text content. An attacker...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Rails vulnerabilities (USN-7290-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7290-1 advisory. It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker coul...
DLA-604-1 ruby-actionpack-3.2 - security update
Bulletin has no description...
PT-2013-2139
Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions 2.3.15 and earlier; Ruby on Rails versions 3.0.x through 3.0.18; Ruby on Rails versions 3.1.x through 3.1.9; Ruby on Rails versions 3.2.x through 3.2.10. Description: The issue allows remote attackers to conduct...