Rails Security Vulnerabilities and Issues — Rails CVE List | Vulners.com

Lucene search

K

RubyonrailsRails

7 matches found

CVE•added 2020/06/19 6:15 p.m.•211 views

CVE-2020-8165

A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails

9.8CVSS9.1AI score0.90958EPSS

CVE•added 2020/07/02 7:15 p.m.•201 views

CVE-2020-8166

A CSRF forgery vulnerability exists in rails < 5.2.5, rails

4.3CVSS4.5AI score0.00443EPSS

CVE•added 2020/06/19 5:15 p.m.•189 views

CVE-2020-8164

A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails

7.5CVSS8AI score0.05862EPSS

CVE•added 2020/07/02 7:15 p.m.•181 views

CVE-2020-8185

A denial of service vulnerability exists in Rails

6.5CVSS6.2AI score0.01071EPSS

CVE•added 2020/07/02 7:15 p.m.•180 views

CVE-2020-8163

The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the locals argument of a render call to perform a RCE.

8.8CVSS8.5AI score0.90099EPSS

CVE•added 2020/06/19 6:15 p.m.•177 views

CVE-2020-8167

A CSRF vulnerability exists in rails

6.5CVSS7.5AI score0.00592EPSS

CVE•added 2020/06/19 5:15 p.m.•102 views

CVE-2020-8162

A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails

7.5CVSS7.2AI score0.01549EPSS