CVE-2026-33658

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 Active Storage's proxy controller does not limit the number of byte ranges in an HTTP Range header. A request with thousands of small ranges causes disproportionate C...

CVE-2026-33658

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 Active Storage's proxy controller does not limit the number of byte ranges in an HTTP Range header. A request with thousands of small ranges causes disproportionate C...

SUSE CVE-2026-33176

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation e.g. 1e10000, which BigDecimal expands into extremely large...

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the Blobs::ProxyController. An attacker can exhaust server memory by sending requests with large or unbounded range headers. Remediation Upgrade activestorage to version 7.2.3.1, 8.0.4.1,...

UBUNTU-CVE-2026-33195

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...

CVE-2026-33202

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicedeleteprefixed passes blob keys directly to Dir.glob without escaping glob metacharacters. If a blob key contains attacker-controlled inp...

UBUNTU-CVE-2026-33168

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefull...

CVE-2026-33169 Rails Active Support has a possible ReDoS vulnerability in number_to_delimited

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. NumberToDelimitedConverter uses a lookahead-based regular expression with gsub! to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the interaction between th...

CVE-2026-33168

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefull...

PT-2026-27255

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Action View tag helpers are susceptible to an issue where attribute escaping is bypassed when a blank string is used as an HTML attribu...

Rails 安全漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. There are security vulnerabilities in versions of Rails Active Support before 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stem from digital helper functions...