Security Announcements

Topic	Replies	Views	Activity
About the Security Announcements category	1	1754	February 10, 2021
[CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID patch , security , globalid	0	1286	January 17, 2023
[CVE-2022-44572] Possible Denial of Service Vulnerability in Rack's RFC2183 boundary parsing patch , rack , security	0	829	January 17, 2023
[CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing patch , rack , security	0	1292	January 17, 2023
[CVE-2023-27539] Possible Denial of Service Vulnerability in Rack's header parsing announcement , patch , security	0	1099	March 13, 2023
[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON announcement , patch , security	0	288	March 13, 2023
[CVE-2023-28120] Possible XSS Security Vulnerability in SafeBuffer#bytesplice announcement , patch , security	0	1943	March 13, 2023
[CVE-2023-23913] DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements announcement , patch , security	0	584	March 13, 2023
[CVE-2023-27530] Possible DoS Vulnerability in Multipart MIME parsing announcement , security	0	3195	March 2, 2023
[CVE-2022-44570] Possible Denial of Service Vulnerability in Rack's Range header parsing patch , rack , security	0	1512	January 17, 2023
[CVE-2023-22794] SQL Injection Vulnerability via ActiveRecord comments patch , activerecord , security	0	2727	January 17, 2023
[CVE-2023-22795] Possible ReDoS based DoS vulnerability in Action Dispatch patch , security , actiondispatch	0	2147	January 17, 2023
[CVE-2022-44566] Possible Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter patch , activerecord , security	0	2040	January 17, 2023
[CVE-2023-22797] Possible Open Redirect Vulnerability in Action Pack patch , security , actioncontroller	0	1628	January 17, 2023
[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support's underscore patch , activesupport , security	0	2123	January 17, 2023
[CVE-2023-22792] Possible ReDoS based DoS vulnerability in Action Dispatch patch , security , actiondispatch	0	1989	January 17, 2023
Rails-html-sanitizer v1.4.4 addresses multiple CVEs	0	1185	December 13, 2022
[CVE-2022-32224] Possible RCE escalation bug with Serialized Columns in Active Record patch , activerecord , security	0	25018	July 12, 2022
[CVE-2022-32209] Possible XSS Vulnerability in Rails::Html::Sanitizer	0	2069	June 9, 2022
[CVE-2022-30122] Denial of Service Vulnerability in Rack Multipart Parsing announcement , rack , security	0	2969	May 27, 2022
[CVE-2022-30123] Possible shell escape sequence injection vulnerability in Rack announcement , rack , security	0	3562	May 27, 2022
[CVE-2022-27777] Possible XSS Vulnerability in Action View tag helpers	0	7907	April 26, 2022
[CVE-2022-22577] Possible XSS Vulnerability in Action Pack patch	0	7239	April 26, 2022
[CVE-2022-21831] Possible code injection vulnerability in Rails / Active Storage	0	6713	March 8, 2022
[CVE-2022-23633] Possible exposure of information vulnerability in Action Pack	0	6660	February 11, 2022
Possible Open Redirect in Host Authorization Middleware	0	4549	December 14, 2021
[CVE-2021-22942] Possible Open Redirect in Host Authorization Middleware	0	6285	August 19, 2021
[CVE-2021-22904] Possible DoS Vulnerability in Action Controller Token Authentication	0	7583	May 5, 2021
[CVE-2021-22885] Possible Information Disclosure / Unintended Method Execution in Action Pack	0	5272	May 5, 2021
[CVE-2021-22903] Possible Open Redirect Vulnerability in Action Pack	0	6003	May 5, 2021