2 matches found
CVE-2025-24293 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce...
GHSA-R4MG-4433-C7G3 Active Storage allowed transformation methods that were potentially unsafe
Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allowing for the circumvention of the safe defaults which enables potential command injection vulnerabilities in cases where...