Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22885 | 2 Debian, Rubyonrails | 3 Debian Linux, Actionpack Page-caching, Rails | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input. | |||||
| CVE-2020-8159 | 2 Debian, Rubyonrails | 2 Debian Linux, Actionpack Page-caching | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view. | |||||