Ruby On Rails@3.2.19 Security Vulnerabilities and Issues — Ruby On Rails@3.2.19 CVE List

Lucene search

RubyonrailsRuby On Rails3.2.19

3 matches found

CVE•added 2016/09/07 7:28 p.m.•85 views

CVE-2016-6316

Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers.

6.1CVSS6.1AI score0.02193EPSS

CVE•added 2014/11/08 11:55 a.m.•77 views

CVE-2014-7818

Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is enabled, allows remote attackers to determine the existence ...

4.3CVSS6.4AI score0.00409EPSS

CVE•added 2014/11/18 11:59 p.m.•75 views

CVE-2014-7829

Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence ...

5CVSS6.5AI score0.00409EPSS