ruby4.0-rubygem-railties-8.0-8.0.3-1.3 on GA media (moderate)

ruby4.0-rubygem-railties-8.0-8.0.3-1.3 on GA media Announcement ID: openSUSE-SU-2026:10362-1 Rating: moderate Cross-References: CVE-2024-54133 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in t...

OPENSUSE-SU-2026:10362-1 ruby4.0-rubygem-railties-8.0-8.0.3-1.3 on GA media

These are all security issues fixed in the ruby4.0-rubygem-railties-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10207-1 ruby2.2-rubygem-railties-4_2-4.2.7.1-1.1 on GA media

These are all security issues fixed in the ruby2.2-rubygem-railties-42-4.2.7.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11832-1 ruby3.1-rubygem-railties-6.0-6.0.4.4-1.1 on GA media

These are all security issues fixed in the ruby3.1-rubygem-railties-6.0-6.0.4.4-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11351-1 ruby2.7-rubygem-railties-6.0-6.0.4-1.2 on GA media

These are all security issues fixed in the ruby2.7-rubygem-railties-6.0-6.0.4-1.2 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory for rubygem-railties (FEDORA-2023-4f0bb4ff5e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rubygem-railties-7.0.7.2-1.fc39

Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...

Information Exposure

Overview railties is an application bootup, plugins, generators, and rake tasks. Affected versions of this package are vulnerable to Information Exposure. The ImpactActiveSupport::EncryptedFile method writes contents that will be encrypted to a temporary file. The temporary file’s permissions are...

Fedora: Security Advisory for rubygem-railties (FEDORA-2023-7002afbbb8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: rubygem-railties-7.0.4.3-1.fc37

Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...

Fedora: Security Advisory for rubygem-railties (FEDORA-2023-d6157bb1e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: rubygem-railties-7.0.4.3-1.fc38

Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...

MAL-2023-718 Malicious code in railties (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca2a029e076b6bf6c3c47bbc29d4df637c7e966d91a4e95f196e4178397daf1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in railties (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca2a029e076b6bf6c3c47bbc29d4df637c7e966d91a4e95f196e4178397daf1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory for rubygem-railties (FEDORA-2021-7b8b65bc7a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: rubygem-railties-6.1.2.1-2.fc34

Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...

[SECURITY] Fedora 33 Update: rubygem-railties-6.0.3.3-1.fc33

Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages rails command line interface; provides Rails generators core;...

Fedora Update for rubygem-railties FEDORA-2019-1cfe24db5c

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Remote Code Execution (RCE)

railties is vulnerable to remote code execution. A remote attacker is able to guess the automatically generated secret token when Rails is in development mode. This token can subsequently be used in combination with other Rails internals to execute arbitrary code...

Use of Insufficiently Random Values in Railties Allows Remote Code Execution

Possible Remote Code Execution Exploit in Rails Development Mode Impact ------ With some knowledge of a target application it is possible for an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to...