How to implement secret rotation?
|
|
4
|
1432
|
November 20, 2023
|
[CVE-2023-38037] Possible File Disclosure of Locally Encrypted Files
|
|
0
|
5973
|
August 22, 2023
|
[CVE-2023-28362] Possible XSS via User Supplied Values to redirect_to
|
|
0
|
11837
|
June 26, 2023
|
[CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID
|
|
0
|
5873
|
January 17, 2023
|
[CVE-2022-44572] Possible Denial of Service Vulnerability in Rack's RFC2183 boundary parsing
|
|
0
|
4520
|
January 17, 2023
|
[CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing
|
|
0
|
6733
|
January 17, 2023
|
[CVE-2023-27539] Possible Denial of Service Vulnerability in Rack's header parsing
|
|
0
|
6865
|
March 13, 2023
|
[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON
|
|
0
|
3834
|
March 13, 2023
|
[CVE-2023-28120] Possible XSS Security Vulnerability in SafeBuffer#bytesplice
|
|
0
|
8204
|
March 13, 2023
|
[CVE-2023-23913] DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements
|
|
0
|
6301
|
March 13, 2023
|
Help Needed: Auto-incrementing ID vulnerability causing database malfunctions
|
|
1
|
1156
|
March 13, 2023
|
[CVE-2023-27530] Possible DoS Vulnerability in Multipart MIME parsing
|
|
0
|
10287
|
March 2, 2023
|
Is It Possible for an Attacker to Parse and Submit Authenticity Token Separately?
|
|
2
|
1298
|
February 17, 2023
|
[CVE-2022-44570] Possible Denial of Service Vulnerability in Rack's Range header parsing
|
|
0
|
7158
|
January 17, 2023
|
[CVE-2023-22794] SQL Injection Vulnerability via ActiveRecord comments
|
|
0
|
30805
|
January 17, 2023
|
[CVE-2023-22795] Possible ReDoS based DoS vulnerability in Action Dispatch
|
|
0
|
7536
|
January 17, 2023
|
[CVE-2022-44566] Possible Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
|
|
0
|
7406
|
January 17, 2023
|
[CVE-2023-22797] Possible Open Redirect Vulnerability in Action Pack
|
|
0
|
5366
|
January 17, 2023
|
[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support's underscore
|
|
0
|
7510
|
January 17, 2023
|
[CVE-2023-22792] Possible ReDoS based DoS vulnerability in Action Dispatch
|
|
0
|
7470
|
January 17, 2023
|
Add OpenSSF Scorecard GitHub Action
|
|
0
|
1474
|
December 12, 2022
|
[CVE-2022-32224] Possible RCE escalation bug with Serialized Columns in Active Record
|
|
0
|
38920
|
July 12, 2022
|
Google sign-in (OAuth): should I allow to add it to existing accounts?
|
|
5
|
1572
|
July 1, 2022
|
[CVE-2022-30122] Denial of Service Vulnerability in Rack Multipart Parsing
|
|
0
|
8264
|
May 27, 2022
|
[CVE-2022-30123] Possible shell escape sequence injection vulnerability in Rack
|
|
0
|
9165
|
May 27, 2022
|
[Feature Proposal] Hash integration with ActiveSupport::ParameterFilter
|
|
0
|
1297
|
August 24, 2021
|