Rails Security Vulnerabilities and Issues — Rails CVE List

Lucene search

RubyonrailsRails

3 matches found

CVE•added 2023/02/09 8:15 p.m.•344 views

CVE-2023-22795

A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and

7.5CVSS7.3AI score0.00895EPSS

CVE•added 2023/02/09 8:15 p.m.•234 views

CVE-2023-22792

A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and

7.5CVSS7.3AI score0.0236EPSS

CVE•added 2023/02/09 8:15 p.m.•116 views

CVE-2023-22797

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to...

6.1CVSS5.8AI score0.00135EPSS