Vulnerabilities (CVE)

Filtered by vendor Rubyonrails Subscribe
Total 110 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-5267 2 Debian, Rubyonrails 2 Debian Linux, Actionview 2020-10-05 3.5 LOW 4.8 MEDIUM
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
CVE-2020-8164 2 Debian, Rubyonrails 2 Debian Linux, Rails 2020-09-30 5.0 MEDIUM 7.5 HIGH
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
CVE-2020-8162 1 Rubyonrails 1 Rails 2020-09-25 5.0 MEDIUM 7.5 HIGH
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.
CVE-2020-8163 2 Debian, Rubyonrails 2 Debian Linux, Rails 2020-07-27 6.5 MEDIUM 8.8 HIGH
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.
CVE-2010-3299 2 Debian, Rubyonrails 2 Debian Linux, Rails 2019-11-15 4.3 MEDIUM 6.5 MEDIUM
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
CVE-2018-3741 1 Rubyonrails 1 Html Sanitizer 2019-10-09 4.3 MEDIUM 6.1 MEDIUM
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.
CVE-2018-16476 2 Redhat, Rubyonrails 2 Cloudforms, Rails 2019-10-09 5.0 MEDIUM 7.5 HIGH
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.
CVE-2018-16477 1 Rubyonrails 1 Rails 2019-10-09 4.3 MEDIUM 6.5 MEDIUM
A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed in version 5.2.1.1.
CVE-2016-6316 2 Debian, Rubyonrails 3 Debian Linux, Rails, Ruby On Rails 2019-08-08 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers.
CVE-2016-0753 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 5.3 MEDIUM
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.
CVE-2015-7581 1 Rubyonrails 1 Rails 2019-08-08 5.0 MEDIUM 7.5 HIGH
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
CVE-2016-2097 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 5.3 MEDIUM
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0752.
CVE-2014-7829 2 Opensuse, Rubyonrails 3 Opensuse, Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM N/A
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818.
CVE-2014-7818 2 Opensuse, Rubyonrails 3 Opensuse, Rails, Ruby On Rails 2019-08-08 4.3 MEDIUM N/A
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via a /..%2F sequence.
CVE-2015-7576 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 4.3 MEDIUM 3.7 LOW
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences.
CVE-2015-7577 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 5.3 MEDIUM
activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature.
CVE-2016-0751 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 7.5 HIGH
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
CVE-2016-0752 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
CVE-2015-3226 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding.
CVE-2014-3483 1 Rubyonrails 1 Rails 2019-08-08 7.5 HIGH N/A
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.