Security Announcements

Topic	Replies	Views	Activity
[CVE-2023-22797] Possible Open Redirect Vulnerability in Action Pack patch , security , actioncontroller	0	5451	January 17, 2023
[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support's underscore patch , activesupport , security	0	7650	January 17, 2023
[CVE-2023-22792] Possible ReDoS based DoS vulnerability in Action Dispatch patch , security , actiondispatch	0	7556	January 17, 2023
Rails-html-sanitizer v1.4.4 addresses multiple CVEs	0	2986	December 13, 2022
[CVE-2022-32224] Possible RCE escalation bug with Serialized Columns in Active Record patch , activerecord , security	0	40395	July 12, 2022
[CVE-2022-32209] Possible XSS Vulnerability in Rails::Html::Sanitizer	0	4119	June 9, 2022
[CVE-2022-30122] Denial of Service Vulnerability in Rack Multipart Parsing announcement , rack , security	0	8361	May 27, 2022
[CVE-2022-30123] Possible shell escape sequence injection vulnerability in Rack announcement , rack , security	0	9392	May 27, 2022
[CVE-2022-27777] Possible XSS Vulnerability in Action View tag helpers	0	13089	April 26, 2022
[CVE-2022-22577] Possible XSS Vulnerability in Action Pack patch	0	11588	April 26, 2022
[CVE-2022-21831] Possible code injection vulnerability in Rails / Active Storage	0	10579	March 8, 2022
[CVE-2022-23633] Possible exposure of information vulnerability in Action Pack	0	9570	February 11, 2022
Possible Open Redirect in Host Authorization Middleware	0	6089	December 14, 2021
[CVE-2021-22942] Possible Open Redirect in Host Authorization Middleware	0	8143	August 19, 2021
[CVE-2021-22904] Possible DoS Vulnerability in Action Controller Token Authentication	0	11231	May 5, 2021
[CVE-2021-22885] Possible Information Disclosure / Unintended Method Execution in Action Pack	0	6821	May 5, 2021
[CVE-2021-22903] Possible Open Redirect Vulnerability in Action Pack	0	8190	May 5, 2021
[CVE-2021-22902] Possible Denial of Service vulnerability in Action Dispatch	0	11201	May 5, 2021
[CVE-2021-22881] Possible Open Redirect in Host Authorization Middleware	0	8707	February 10, 2021
[CVE-2021-22880] Possible DoS Vulnerability in Active Record PostgreSQL adapter	0	10644	February 10, 2021
[CVE-2020-8264] Possible XSS Vulnerability in Action Pack in Development Mode	1	5538	October 16, 2020