About the Security Announcements category | 1 | 3530 | February 10, 2021
Possible XSS Vulnerability in Action Controller | 2 | 5586 | February 27, 2024
Possible Denial of Service Vulnerability in Rack Header Parsing | 0 | 2754 | February 21, 2024
Possible ReDoS vulnerability in Accept header parsing in Action Dispatch | 0 | 2416 | February 21, 2024
Denial of Service Vulnerability in Rack Content-Type Parsing | 0 | 3002 | February 21, 2024
Possible Sensitive Session Information Leak in Active Storage | 0 | 3534 | February 21, 2024
Possible DoS Vulnerability with Range Header in Rack | 0 | 2554 | February 21, 2024
[CVE-2023-38037] Possible File Disclosure of Locally Encrypted Files | 0 | 5416 | August 22, 2023
[CVE-2023-28362] Possible XSS via User Supplied Values to redirect_to | 0 | 10913 | June 26, 2023
[CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID | 0 | 5283 | January 17, 2023
[CVE-2022-44572] Possible Denial of Service Vulnerability in Rack's RFC2183 boundary parsing | 0 | 3978 | January 17, 2023
[CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing | 0 | 5836 | January 17, 2023
[CVE-2023-27539] Possible Denial of Service Vulnerability in Rack's header parsing | 0 | 6083 | March 13, 2023
[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON | 0 | 3344 | March 13, 2023
[CVE-2023-28120] Possible XSS Security Vulnerability in SafeBuffer#bytesplice | 0 | 7323 | March 13, 2023
[CVE-2023-23913] DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements | 0 | 5435 | March 13, 2023
[CVE-2023-27530] Possible DoS Vulnerability in Multipart MIME parsing | 0 | 9344 | March 2, 2023
[CVE-2022-44570] Possible Denial of Service Vulnerability in Rack's Range header parsing | 0 | 6265 | January 17, 2023
[CVE-2023-22794] SQL Injection Vulnerability via ActiveRecord comments | 0 | 30025 | January 17, 2023
[CVE-2023-22795] Possible ReDoS based DoS vulnerability in Action Dispatch | 0 | 6760 | January 17, 2023
[CVE-2022-44566] Possible Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter | 0 | 6515 | January 17, 2023
[CVE-2023-22797] Possible Open Redirect Vulnerability in Action Pack | 0 | 4795 | January 17, 2023
[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support's underscore | 0 | 6801 | January 17, 2023
[CVE-2023-22792] Possible ReDoS based DoS vulnerability in Action Dispatch | 0 | 6751 | January 17, 2023
Rails-html-sanitizer v1.4.4 addresses multiple CVEs | 0 | 2692 | December 13, 2022
[CVE-2022-32224] Possible RCE escalation bug with Serialized Columns in Active Record | 0 | 36568 | July 12, 2022
[CVE-2022-32209] Possible XSS Vulnerability in Rails::Html::Sanitizer | 0 | 3789 | June 9, 2022
[CVE-2022-30122] Denial of Service Vulnerability in Rack Multipart Parsing | 0 | 7539 | May 27, 2022
[CVE-2022-30123] Possible shell escape sequence injection vulnerability in Rack | 0 | 8358 | May 27, 2022
[CVE-2022-27777] Possible XSS Vulnerability in Action View tag helpers | 0 | 12292 | April 26, 2022