Rails Security Vulnerabilities and Issues — Rails CVE List

Lucene search

RubyonrailsRails

3 matches found

CVE•added 2019/03/27 2:29 p.m.•279 views

CVE-2019-5420

A remote code execution vulnerability in development mode Rails <5.2.2.1,

9.8CVSS9.5AI score0.9338EPSS

CVE•added 2020/06/19 6:15 p.m.•214 views

CVE-2020-8165

A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails

9.8CVSS9.1AI score0.81734EPSS

CVE•added 2024/06/04 8:15 p.m.•67 views

CVE-2024-28103

Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.

9.8CVSS6.8AI score0.00666EPSS