Rubyonrails

136 tracked vulnerabilities.

CVE-2024-53988 MEDIUM
Rails::HTML::Sanitizer 1.6.0 - XSS
Dec 02, 2024
CVSS 6.1
EPSS 0.02

CVE-2024-53987 MEDIUM
Rails::HTML::Sanitizer 1.6.0 - XSS
Dec 02, 2024
CVSS 6.1
EPSS 0.01

CVE-2024-53986 MEDIUM
Rails::HTML::Sanitizer 1.6.0 - XSS
Dec 02, 2024
CVSS 6.1
EPSS 0.02

CVE-2024-53985 MEDIUM
Rails::HTML::Sanitizer <1.16.8 - XSS
Dec 02, 2024
CVSS 6.1
EPSS 0.02

CVE-2024-53989 MEDIUM
Rails::HTML::Sanitizer 1.6.0 - XSS
Dec 02, 2024
CVSS 6.1
EPSS 0.02

CVE-2024-32464 MEDIUM
Action Text <7.1.3.4,7.2.0.beta2 - XSS
Jun 04, 2024
CVSS 6.1
EPSS 0.00

CVE-2024-28103 MEDIUM
Rails < 6.1.7.8 - Improper Input Validation
Jun 04, 2024
CVSS 5.4
EPSS 0.01

CVE-2024-26144 MEDIUM
Rails < 6.1.7.7 - Information Disclosure
Feb 27, 2024
CVSS 5.3
EPSS 0.02

CVE-2024-26143 MEDIUM
Rails < 7.0.8.1 - XSS
Feb 27, 2024
CVSS 6.1
EPSS 0.02

CVE-2024-26142 HIGH
Rails < 7.1.3.1 - Denial of Service
Feb 27, 2024
CVSS 7.5
EPSS 0.03

CVE-2023-22799 HIGH
Rubyonrails Globalid < 1.0.1 - Denial of Service
Feb 09, 2023
CVSS 7.5
EPSS 0.02

CVE-2023-22797 MEDIUM
Actionpack < 7.0.4.1 - Open Redirect
Feb 09, 2023
CVSS 6.1
EPSS 0.00

CVE-2023-22795 HIGH
Rails < 6.1.7.1 - Denial of Service
Feb 09, 2023
CVSS 7.5
EPSS 0.02

CVE-2023-22792 HIGH
Rails < 6.0.6.1 - Denial of Service
Feb 09, 2023
CVSS 7.5
EPSS 0.03

CVE-2022-23520 MEDIUM
Rubyonrails Rails Html Sanitizers < 1.4.4 - XSS
Dec 14, 2022
CVSS 6.1
EPSS 0.00

CVE-2022-23519 HIGH
Rubyonrails Rails Html Sanitizers < 1.4.4 - XSS
Dec 14, 2022
CVSS 7.2
EPSS 0.00

CVE-2022-23518 MEDIUM
Rubyonrails Rails Html Sanitizers < 1.4.4 - XSS
Dec 14, 2022
CVSS 6.1
EPSS 0.00

CVE-2022-23517 HIGH
Rubyonrails Rails Html Sanitizers < 1.4.4 - Denial of Service
Dec 14, 2022
CVSS 7.5
EPSS 0.00

CVE-2022-3704 LOW
Rails - XSS
Oct 26, 2022
CVSS 3.5
EPSS 0.00

CVE-2022-32209 MEDIUM
Rubyonrails Rails Html Sanitizers < 1.4.3 - XSS
Jun 24, 2022
CVSS 6.1
EPSS 0.05

CVE-2022-27777 MEDIUM
Rubyonrails Actionpack < 5.2.7.1 - XSS
May 26, 2022
CVSS 6.1
EPSS 0.01

CVE-2022-22577 MEDIUM
Action Pack >=5.2.0-<5.2.0 - XSS
May 26, 2022
CVSS 6.1
EPSS 0.00

CVE-2022-21831 CRITICAL
Rubyonrails Active Storage < 5.2.6.3 - Code Injection
May 26, 2022
CVSS 9.8
EPSS 0.01

CVE-2022-23634 HIGH
Puma < 4.3.11 - Information Disclosure
Feb 11, 2022
CVSS 8.0
EPSS 0.00

CVE-2022-23633 HIGH
Rails < 5.2.6.2 - Information Disclosure
Feb 11, 2022
CVSS 7.4
EPSS 0.00