Topics tagged security

Topic	Replies	Views	Activity
[CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID Security Announcements security , patch , globalid	0	1927	January 17, 2023
[CVE-2022-44572] Possible Denial of Service Vulnerability in Rack's RFC2183 boundary parsing Security Announcements security , rack , patch	0	1282	January 17, 2023
[CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing Security Announcements security , patch , rack	0	1902	January 17, 2023
[CVE-2023-27539] Possible Denial of Service Vulnerability in Rack's header parsing Security Announcements security , patch , announcement	0	2281	March 13, 2023
[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON Security Announcements announcement , security , patch	0	745	March 13, 2023
[CVE-2023-28120] Possible XSS Security Vulnerability in SafeBuffer#bytesplice Security Announcements patch , announcement , security	0	3418	March 13, 2023
[CVE-2023-23913] DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements Security Announcements announcement , patch , security	0	1256	March 13, 2023
Help Needed: Auto-incrementing ID vulnerability causing database malfunctions rubyonrails-core security	1	123	March 13, 2023
[CVE-2023-27530] Possible DoS Vulnerability in Multipart MIME parsing Security Announcements announcement , security	0	4698	March 2, 2023
Is It Possible for an Attacker to Parse and Submit Authenticity Token Separately? rubyonrails-talk security	2	242	February 17, 2023
[CVE-2022-44570] Possible Denial of Service Vulnerability in Rack's Range header parsing Security Announcements security , rack , patch	0	2140	January 17, 2023
[CVE-2023-22794] SQL Injection Vulnerability via ActiveRecord comments Security Announcements activerecord , patch , security	0	3470	January 17, 2023
[CVE-2023-22795] Possible ReDoS based DoS vulnerability in Action Dispatch Security Announcements patch , security , actiondispatch	0	3065	January 17, 2023
[CVE-2022-44566] Possible Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter Security Announcements security , activerecord , patch	0	2719	January 17, 2023
[CVE-2023-22797] Possible Open Redirect Vulnerability in Action Pack Security Announcements actioncontroller , security , patch	0	2110	January 17, 2023
[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support's underscore Security Announcements activesupport , security , patch	0	2891	January 17, 2023
[CVE-2023-22792] Possible ReDoS based DoS vulnerability in Action Dispatch Security Announcements security , actiondispatch , patch	0	2738	January 17, 2023
Add OpenSSF Scorecard GitHub Action rubyonrails-core security , feature	0	362	December 12, 2022
[CVE-2022-32224] Possible RCE escalation bug with Serialized Columns in Active Record Security Announcements patch , security , activerecord	0	27395	July 12, 2022
Google sign-in (OAuth): should I allow to add it to existing accounts? rubyonrails-talk security	5	378	July 1, 2022
[CVE-2022-30122] Denial of Service Vulnerability in Rack Multipart Parsing Security Announcements announcement , security , rack	0	3524	May 27, 2022
[CVE-2022-30123] Possible shell escape sequence injection vulnerability in Rack Security Announcements rack , security , announcement	0	4306	May 27, 2022
[Feature Proposal] Hash integration with ActiveSupport::ParameterFilter rubyonrails-core activesupport , security	0	323	August 24, 2021