Ruby/actionpack/1.12.5
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Repo Link:
https://rubygems.org/gems/actionpack
License:
UNKNOWN
56 Security Vulnerabilities
Published date: 2018-09-17T21:54:22Z
CVE: CVE-2014-7818
Withdrawn, accidental duplicate publish.
Directory traversal vulnerability in actionpack/lib/actiondispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via a /..%2F sequence.
Affected versions:
["4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2023-06-29T15:03:16Z
CVE: CVE-2023-28362
The redirect_to
method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been assigned the CVE identifier CVE-2023-28362.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4
Impact
This introduces the potential for a Cross-site-scripting (XSS) payload to be delivered on the now static redirection page. Note that this both requires user interaction and for a Rails app to be configured to allow redirects to external hosts (defaults to false in Rails >= 7.0.x).
Releases
The FIXED releases are available at the normal locations.
Workarounds
Avoid providing user supplied URLs with arbitrary schemes to the redirect_to
method.
Affected versions:
["7.0.0", "7.0.1", "7.0.2", "7.0.2.2", "7.0.2.1", "7.0.2.3", "7.0.2.4", "7.0.3", "7.0.3.1", "7.0.4", "7.0.4.1", "7.0.4.2", "7.0.4.3", "7.0.5", "6.1.0.rc1", "6.0.3.4", "6.0.3.3", "6.0.3.2", "6.0.3.1", "6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.2.4.4", "5.2.4.3", "5.2.4.2", "5.2.4.1", "5.2.4", "5.2.4.rc1", "5.2.3", "5.2.3.rc1", "5.2.2.1", "5.2.2", "5.2.2.rc1", "5.2.1.1", "5.2.1", "5.2.1.rc1", "5.2.0", "5.2.0.rc2", "5.2.0.rc1", "5.2.0.beta2", "5.2.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "6.1.0.rc2", "6.1.0", "6.1.1", "6.1.2", "6.1.2.1", "6.0.3.5", "5.2.4.5", "6.1.3", "6.1.3.1", "6.0.3.6", "5.2.5", "6.1.3.2", "6.0.3.7", "5.2.6", "5.2.4.6", "6.0.4", "6.1.4", "6.1.4.1", "6.0.4.1", "6.1.4.3", "6.1.4.2", "6.0.4.3", "6.0.4.2", "6.1.4.4", "6.0.4.4", "6.1.4.6", "6.1.4.5", "6.0.4.6", "6.0.4.5", "5.2.6.2", "5.2.6.1", "6.1.4.7", "6.0.4.7", "5.2.6.3", "6.1.5", "5.2.7", "6.1.5.1", "6.0.4.8", "5.2.7.1", "6.1.6", "6.0.5", "5.2.8", "6.1.6.1", "6.0.5.1", "5.2.8.1", "6.1.7", "6.0.6", "6.1.7.1", "6.0.6.1", "6.1.7.2", "6.1.7.3"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2018-09-17T21:54:37Z
CVE: CVE-2014-7829
Withdrawn, accidental duplicate publish.
Directory traversal vulnerability in actionpack/lib/actiondispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818.
Affected versions:
["4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:38Z
CVE: CVE-2011-0446
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to
helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.
Affected versions:
["3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:37Z
CVE: CVE-2012-3465
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb
in the strip_tags
helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
Affected versions:
["3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:38Z
CVE: CVE-2008-7248
Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.
Affected versions:
["2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2023-01-18T18:20:51Z
CVE: CVE-2023-22795
There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795.
Versions Affected: All Not affected: None Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1
Impact
A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious If-None-Match headers before they reach the application.
Users on Ruby 3.2.0 or greater are not affected by this vulnerability.
Patches
To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset.
6-1-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 6.1 series
7-0-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 7.0 series
Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.
Affected versions:
["6.1.0.rc1", "6.0.3.4", "6.0.3.3", "6.0.3.2", "6.0.3.1", "6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.2.4.4", "5.2.4.3", "5.2.4.2", "5.2.4.1", "5.2.4", "5.2.4.rc1", "5.2.3", "5.2.3.rc1", "5.2.2.1", "5.2.2", "5.2.2.rc1", "5.2.1.1", "5.2.1", "5.2.1.rc1", "5.2.0", "5.2.0.rc2", "5.2.0.rc1", "5.2.0.beta2", "5.2.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "6.1.0.rc2", "6.1.0", "6.1.1", "6.1.2", "6.1.2.1", "6.0.3.5", "5.2.4.5", "6.1.3", "6.1.3.1", "6.0.3.6", "5.2.5", "6.1.3.2", "6.0.3.7", "5.2.6", "5.2.4.6", "6.0.4", "6.1.4", "6.1.4.1", "6.0.4.1", "6.1.4.3", "6.1.4.2", "6.0.4.3", "6.0.4.2", "6.1.4.4", "6.0.4.4", "6.1.4.6", "6.1.4.5", "6.0.4.6", "6.0.4.5", "5.2.6.2", "5.2.6.1", "6.1.4.7", "6.0.4.7", "5.2.6.3", "6.1.5", "5.2.7", "6.1.5.1", "6.0.4.8", "5.2.7.1", "6.1.6", "6.0.5", "5.2.8", "6.1.6.1", "6.0.5.1", "5.2.8.1", "6.1.7", "6.0.6", "6.0.6.1", "7.0.0", "7.0.1", "7.0.2", "7.0.2.2", "7.0.2.1", "7.0.2.3", "7.0.2.4", "7.0.3", "7.0.3.1", "7.0.4"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:38Z
CVE: CVE-2012-3424
The decode_credentials
method in actionpack/lib/action_controller/metal/http_authentication.rb
in Ruby on Rails before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest
helper method, as demonstrated by the authenticate_or_request_with_http_digest
method.
Affected versions:
["3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2022-10-27T12:00:27Z
CVE: CVE-2022-3704
actionpack from the Ruby on Rails project is vulnerable to Cross-site Scripting in the Route Error Page. This issue has been patched with this commit .
This vulnerability is disputed by the Rails security team. It requires that the developer is tricked into copy pasting a malicious javascript-containing string into a development-only error page accessible only via localhost.
Affected versions:
["6.1.0.rc1", "6.0.3.4", "6.0.3.3", "6.0.3.2", "6.0.3.1", "6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.2.4.4", "5.2.4.3", "5.2.4.2", "5.2.4.1", "5.2.4", "5.2.4.rc1", "5.2.3", "5.2.3.rc1", "5.2.2.1", "5.2.2", "5.2.2.rc1", "5.2.1.1", "5.2.1", "5.2.1.rc1", "5.2.0", "5.2.0.rc2", "5.2.0.rc1", "5.2.0.beta2", "5.2.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "6.1.0.rc2", "6.1.0", "6.1.1", "6.1.2", "6.1.2.1", "6.0.3.5", "5.2.4.5", "6.1.3", "6.1.3.1", "6.0.3.6", "5.2.5", "6.1.3.2", "6.0.3.7", "5.2.6", "5.2.4.6", "6.0.4", "6.1.4", "6.1.4.1", "6.0.4.1", "7.0.0.alpha2", "7.0.0.alpha1", "7.0.0.rc1", "7.0.0.rc3", "7.0.0.rc2", "6.1.4.3", "6.1.4.2", "6.0.4.3", "6.0.4.2", "6.1.4.4", "6.0.4.4", "7.0.0", "7.0.1", "7.0.2", "7.0.2.2", "7.0.2.1", "6.1.4.6", "6.1.4.5", "6.0.4.6", "6.0.4.5", "5.2.6.2", "5.2.6.1", "7.0.2.3", "6.1.4.7", "6.0.4.7", "5.2.6.3", "6.1.5", "5.2.7", "7.0.2.4", "6.1.5.1", "6.0.4.8", "5.2.7.1", "7.0.3", "6.1.6", "6.0.5", "5.2.8", "7.0.3.1", "6.1.6.1", "6.0.5.1", "5.2.8.1", "7.0.4", "6.1.7", "6.0.6", "6.1.7.1", "6.0.6.1", "6.1.7.2", "6.1.7.3", "6.1.7.4", "6.1.7.6", "6.1.7.5", "6.1.7.7", "6.1.7.8"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:35Z
CVE: CVE-2016-0751
actionpack/lib/actiondispatch/http/mime type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Affected versions:
["4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:38Z
CVE: CVE-2012-2660
actionpack/lib/action_dispatch/http/request.rb
in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain [nil]
values, a related issue to CVE-2012-2694.
Affected versions:
["3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:37Z
CVE: CVE-2013-1857
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb
in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded :
(colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a :
sequence.
Affected versions:
["3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:37Z
CVE: CVE-2013-0156
active_support/core_ext/hash/conversions.rb
in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
Affected versions:
["3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2018-09-17T21:55:03Z
CVE: CVE-2016-0751
Withdrawn, accidental duplicate publish.
actionpack/lib/actiondispatch/http/mime type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Affected versions:
["4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:38Z
CVE: CVE-2012-2694
actionpack/lib/action_dispatch/http/request.rb
in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain ['xyz', nil]
values, a related issue to CVE-2012-2660.
Affected versions:
["3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2022-04-22T00:24:28Z
CVE: CVE-2011-1497
A cross-site scripting vulnerability flaw was found in the auto_link
function in Rails before version 3.0.6.
Affected versions:
["3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:37Z
CVE: CVE-2013-1855
The sanitize_css
method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb
in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n
(newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences.
Affected versions:
["3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2018-09-17T21:54:11Z
CVE: CVE-2014-0130
Withdrawn, accidental duplicate publish.
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
Affected versions:
["4.1.0", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2018-09-17T21:57:47Z
CVE: CVE-2015-7576
Withdrawn, accidental duplicate publish.
The httpbasic authenticatewith method in actionpack/lib/action controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences.
Affected versions:
["4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24T18:33:35Z
CVE: CVE-2016-0752
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a ..
(dot dot) in a pathname.
Affected versions:
["3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24
Framework: rails
CVE: 2011-0446
CVSS V2: 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to
helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when
javascript encoding is used, allow remote attackers to inject
arbitrary web script or HTML via a crafted (1) name or (2) email value.
Affected versions:
["3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2022-04-22
Framework: rails
CVE: 2011-1497
CVSS V2: 4.3
CVSS V3: 6.1
A cross-site scripting vulnerability flaw was found in
the auto_link function in Rails before version 3.0.6.
Affected versions:
["3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24
Framework: rails
CVE: 2011-2197
CVSS V2: 4.3
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x
before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does
not properly handle mutation of safe buffers, which makes it easier
for remote attackers to conduct XSS attacks via crafted strings to an
application that uses a problematic string method, as demonstrated
by the sub method.
Affected versions:
["3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2011-08-16
Framework: rails
CVE: 2011-3186
CVSS V2: 4.3
A response splitting flaw in Ruby on Rails 2.3.x was reported that could allow
a remote attacker to inject arbitrary HTTP headers into a response due to
insufficient sanitization of the values provided for response content types.
Affected versions:
["2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2012-03-01
Framework: rails
CVE: 2012-1099
CVSS V2: 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/actionview/helpers/form options_helper.rb
in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and
3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML
via vectors involving certain generation of OPTION elements within SELECT elements.
Affected versions:
["3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24
Framework: rails
CVE: 2012-2660
CVSS V2: 6.4
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails
before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not
properly consider differences in parameter handling between the
Active Record component and the Rack interface, which allows remote
attackers to bypass intended database-query restrictions and perform
NULL checks via a crafted request, as demonstrated by certain
[nil] values, a related issue to CVE-2012-2694.
Affected versions:
["3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2017-10-24
Framework: rails
CVE: 2012-2694
CVSS V2: 4.3
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails
before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not
properly consider differences in parameter handling between the
Active Record component and the Rack interface, which allows remote
attackers to bypass intended database-query restrictions and perform
NULL checks via a crafted request, as demonstrated by certain
['xyz', nil] values, a related issue to CVE-2012-2660.
Affected versions:
["3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2012-07-26
Framework: rails
CVE: 2012-3424
CVSS V2: 5.0
The decodecredentials method in actionpack/lib/action controller/metal/httpauthentication.rb
in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts
Digest Authentication strings to symbols, which allows remote attackers to cause
a denial of service by leveraging access to an application that uses a with httpdigest
helper method, as demonstrated by the authenticate orrequest withhttp digest method.
Affected versions:
["2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2012-08-09
Framework: rails
CVE: 2012-3463
CVSS V2: 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/actionview/helpers/form taghelper.rb
in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows
remote attackers to inject arbitrary web script or HTML via the prompt field to
the select tag helper.
Affected versions:
["3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2012-08-09
Framework: rails
CVE: 2012-3465
CVSS V2: 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/actionview/helpers/sanitize helper.rb
in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and
3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML
via malformed HTML markup.
Affected versions:
["3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-01-08
Framework: rails
CVE: 2013-0156
CVSS V2: 10.0
activesupport/core ext/hash/conversions.rb in Ruby on Rails before 2.3.15,
3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly
restrict casts of string values, which allows remote attackers to conduct object-injection
attacks and execute arbitrary code, or cause a denial of service (memory and CPU
consumption) involving nested XML entity references, by leveraging Action Pack support
for (1) YAML type conversion or (2) Symbol type conversion.
Affected versions:
["3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-03-19
Framework: rails
CVE: 2013-1855
CVSS V2: 4.3
The sanitizecss method in lib/action controller/vendor/html-scanner/html/sanitizer.rb
in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before
3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters,
which makes it easier for remote attackers to conduct cross-site scripting (XSS)
attacks via crafted Cascading Style Sheets (CSS) token sequences. A cross-site scripting
(XSS) flaw was found in Action Pack. A remote attacker could use this flaw to conduct
XSS attacks against users of an application using Action Pack.
Affected versions:
["3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-03-19
Framework: rails
CVE: 2013-1857
CVSS V2: 4.3
'The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb
in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before
3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters
in URLs, which makes it easier for remote attackers to conduct cross-site scripting
(XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence.
A cross-site scripting (XSS) flaw was found in Action Pack. A remote attacker could
use this flaw to conduct XSS attacks against users of an application using Action
Pack.'
Affected versions:
["3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-4491
CVSS V2: 4.3
There is a vulnerability in the internationalization component of Ruby on
Rails. Under certain common configurations an attacker can provide specially
crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has
been assigned the identifier CVE-2013-4492.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6414
CVSS V2: 5.0
There is a denial of service vulnerability in the header handling component of
Action View.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6415
CVSS V2: 4.3
There is an XSS vulnerability in the numberto currency helper in Ruby on Raile.
The numberto currency helper allows users to nicely format a numeric value. One
of the parameters to the helper (unit) is not escaped correctly. Applications
which pass user controlled data as the unit parameter are vulnerable to an XSS attack.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6416
CVSS V2: 4.3
There is a vulnerability in the simpleformat helper in Ruby on Rails.
The simple format helper converts user supplied text into html text
which is intended to be safe for display. A change made to the
implementation of this helper means that any user provided HTML
attributes will not be escaped correctly. As a result of this error,
applications which pass user-controlled data to be included as html
attributes will be vulnerable to an XSS attack.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6417
CVSS V2: 6.4
The prior fix to CVE-2013-0155 was incomplete and the use of common
3rd party libraries can accidentally circumvent the protection. Due
to the way that Rack::Request and Rails::Request interact, it is
possible for a 3rd party or custom rack middleware to parse the
parameters insecurely and store them in the same key that Rails uses
for its own parameters. In the event that happens the application
will receive unsafe parameters and could be vulnerable to the earlier
vulnerability.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2014-02-18
Framework: rails
CVE: 2014-0081
CVSS V2: 4.3
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/actionview/helpers/number helper.rb
in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2
allow remote attackers to inject arbitrary web script or HTML via the (1) format,
(2) negativeformat, or (3) units parameter to the (a) number tocurrency, (b) number topercentage,
or (c) number to_human helper.
Affected versions:
["4.1.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2014-02-18
Framework: rails
CVE: 2014-0082
CVSS V2: 5.0
actionpack/lib/action_view/template/text.rb in Action View in Ruby on
Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the
:text option to the render method, which allows remote attackers to cause a denial
of service (memory consumption) by including these strings in headers.
Affected versions:
["3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2014-05-06
Framework: rails
CVE: 2014-0130
CVSS V2: 4.3
There is a vulnerability in the 'implicit render'
functionality in Ruby on Rails.The implicit render functionality
allows controllers to render a template, even if there is no
explicit action with the corresponding name. This module does not
perform adequate input sanitization which could allow an attacker to
use a specially crafted request to retrieve arbitrary files from the
rails application server.
Affected versions:
["4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2016-01-25
Framework: rails
CVE: 2015-7576
CVSS V2: 4.3
CVSS V3: 3.7
There is a timing attack vulnerability in the basic authentication support
in Action Controller. This vulnerability has been assigned the CVE
identifier CVE-2015-7576.
Versions Affected: All.
Not affected: None.
Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1
Impact
Due to the way that Action Controller compares user names and passwords in
basic authentication authorization code, it is possible for an attacker to
analyze the time taken by a response and intuit the password.
For example, this string comparison:
foo == bar
is possibly faster than this comparison:
foo == fo1
Attackers can use this information to attempt to guess the username and
password used in the basic authentication system.
You can tell you application is vulnerable to this attack by looking for
http_basic_authenticate_with
method calls in your application.
All users running an affected release should either upgrade or use one of
the workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
If you can't upgrade, please use the following monkey patch in an initializer
that is loaded before your application:
$ cat config/initializers/basic_auth_fix.rb
module ActiveSupport
module SecurityUtils
def secure_compare(a, b)
return false unless a.bytesize == b.bytesize
l = a.unpack "C#{a.bytesize}"
res = 0
b.each_byte { |byte| res |= byte ^ l.shift }
res == 0
end
module_function :secure_compare
def variable_size_secure_compare(a, b)
secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b))
end
module_function :variable_size_secure_compare
end
end
module ActionController
class Base
def self.http_basic_authenticate_with(options = {})
before_action(options.except(:name, :password, :realm)) do
authenticate_or_request_with_http_basic(options[:realm] || "Application") do |name, password|
# This comparison uses & so that it doesn't short circuit and
# uses `variable_size_secure_compare` so that length information
# isn't leaked.
ActiveSupport::SecurityUtils.variable_size_secure_compare(name, options[:name]) &
ActiveSupport::SecurityUtils.variable_size_secure_compare(password, options[:password])
end
end
end
end
end
Patches
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
4-1-basic_auth.patch - Patch for 4.1 series
4-2-basic_auth.patch - Patch for 4.2 series
5-0-basic_auth.patch - Patch for 5.0 series
Please note that only the 4.1.x and 4.2.x series are supported at present. Users
of earlier unsupported releases are advised to upgrade as soon as possible as we
cannot guarantee the continued availability of security fixes for unsupported
releases.
Credits
Thank you to Daniel Waterworth for reporting the problem and working with us to
fix it.
Affected versions:
["5.0.0.racecar1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2016-01-25
Framework: rails
CVE: 2016-0751
CVSS V2: 5.0
CVSS V3: 7.5
There is a possible object leak which can lead to a denial of service
vulnerability in Action Pack. This vulnerability has been
assigned the CVE identifier CVE-2016-0751.
Versions Affected: All.
Not affected: None.
Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1
Impact
A carefully crafted accept header can cause a global cache of mime types to
grow indefinitely which can lead to a possible denial of service attack in
Action Pack.
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
This attack can be mitigated by a proxy that only allows known mime types in
the Accept header.
Placing the following code in an initializer will also mitigate the issue:
require 'action_dispatch/http/mime_type'
Mime.const_set :LOOKUP, Hash.new { |h,k|
Mime::Type.new(k) unless k.blank?
}
Patches
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
5-0-mimetypes leak.patch - Patch for 5.0 series
4-2-mimetypes leak.patch - Patch for 4.2 series
4-1-mimetypes leak.patch - Patch for 4.1 series
3-2-mimetypes leak.patch - Patch for 3.2 series
Please note that only the 4.1.x and 4.2.x series are supported at present. Users
of earlier unsupported releases are advised to upgrade as soon as possible as we
cannot guarantee the continued availability of security fixes for unsupported
releases.
Credits
Aaron Patterson <3<3
Affected versions:
["5.0.0.racecar1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2016-01-25
Framework: rails
CVE: 2016-0752
CVSS V3: 7.5
There is a possible directory traversal and information leak vulnerability in
Action View. This vulnerability has been assigned the CVE identifier
CVE-2016-0752.
Versions Affected: All.
Not affected: None.
Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1
Impact
Applications that pass unverified user input to the render
method in a
controller may be vulnerable to an information leak vulnerability.
Impacted code will look something like this:
def index
render params[:id]
end
Carefully crafted requests can cause the above code to render files from
unexpected places like outside the application's view directory, and can
possibly escalate this to a remote code execution attack.
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
A workaround to this issue is to not pass arbitrary user input to the render
method. Instead, verify that data before passing it to the render
method.
For example, change this:
def index
render params[:id]
end
To this:
def index
render verify_template(params[:id])
end
private
def verify_template(name)
# add verification logic particular to your application here
end
Patches
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
3-2-renderdata leak.patch - Patch for 3.2 series
4-1-renderdata leak.patch - Patch for 4.1 series
4-2-renderdata leak.patch - Patch for 4.2 series
5-0-renderdata leak.patch - Patch for 5.0 series
Please note that only the 4.1.x and 4.2.x series are supported at present. Users
of earlier unsupported releases are advised to upgrade as soon as possible as we
cannot guarantee the continued availability of security fixes for unsupported
releases.
Credits
Thanks John Poulin for reporting this!
Affected versions:
["4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2016-02-29
Framework: rails
CVE: 2016-2097
CVSS V3: 5.3
There is a possible directory traversal and information leak vulnerability
in Action View. This was meant to be fixed on CVE-2016-0752. However the 3.2
patch was not covering all the scenarios. This vulnerability has been
assigned the CVE identifier CVE-2016-2097.
Versions Affected: 3.2.x, 4.0.x, 4.1.x
Not affected: 4.2+
Fixed Versions: 3.2.22.2, 4.1.14.2
Impact
Applications that pass unverified user input to the render
method in a
controller may be vulnerable to an information leak vulnerability.
Impacted code will look something like this:
def index
render params[:id]
end
Carefully crafted requests can cause the above code to render files from
unexpected places like outside the application's view directory, and can
possibly escalate this to a remote code execution attack.
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
A workaround to this issue is to not pass arbitrary user input to the render
method. Instead, verify that data before passing it to the render
method.
For example, change this:
def index
render params[:id]
end
To this:
def index
render verify_template(params[:id])
end
private
def verify_template(name)
# add verification logic particular to your application here
end
Patches
To aid users who aren't able to upgrade immediately we have provided patches
for it. It is in git-am format and consist of a single changeset.
3-2-renderdata leak_2.patch - Patch for 3.2 series
4-1-renderdata leak_2.patch - Patch for 4.1 series
Credits
Thanks to both Jyoti Singh and Tobias Kraze from makandra for reporting this
and working with us in the patch!
Affected versions:
["4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2016-02-29
Framework: rails
CVE: 2016-2098
CVSS V3: 7.3
There is a possible remote code execution vulnerability in Action Pack.
This vulnerability has been assigned the CVE identifier CVE-2016-2098.
Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x
Not affected: 5.0+
Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2
Impact
Applications that pass unverified user input to the render
method in a
controller or a view may be vulnerable to a code injection.
Impacted code will look like this:
class TestController < ApplicationController
def show
render params[:id]
end
end
An attacker could use the request parameters to coerce the above example
to execute arbitrary ruby code.
All users running an affected release should either upgrade or use one of
the workarounds immediately.
Releases
The FIXED releases are available at the normal locations.
Workarounds
A workaround to this issue is to not pass arbitrary user input to the render
method. Instead, verify that data before passing it to the render
method.
For example, change this:
def index
render params[:id]
end
To this:
def index
render verify_template(params[:id])
end
private
def verify_template(name)
# add verification logic particular to your application here
end
Patches
To aid users who aren't able to upgrade immediately we have provided a
patch for it. It is in git-am format and consist of a single changeset.
3-2-secureinline with_params.patch - Patch for 3.2 series
4-1-secureinline with_params.patch - Patch for 4.1 series
4-2-secureinline with_params.patch - Patch for 4.2 series
Credits
Thanks to both Tobias Kraze from makandra and joernchen of Phenoelit for
reporting this!
Affected versions:
["5.0.0.racecar1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2020-05-18
Framework: rails
CVE: 2020-8166
CVSS V3: 4.3
It is possible to possible to, given a global CSRF token such as the one
present in the authenticity_token meta tag, forge a per-form CSRF token for
any action for that session.
Versions Affected: rails < 5.2.5, rails < 6.0.4
Not affected: Applications without existing HTML injection vulnerabilities.
Fixed Versions: rails >= 5.2.4.3, rails >= 6.0.3.1
Impact
Given the ability to extract the global CSRF token, an attacker would be able to
construct a per-form CSRF token for that session.
Workarounds
This is a low-severity security issue. As such, no workaround is necessarily
until such time as the application can be upgraded.
Affected versions:
["6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2023-01-18
Framework: rails
CVE: 2023-22795
There is a possible regular expression based DoS vulnerability in Action
Dispatch related to the If-None-Match header. This vulnerability has been
assigned the CVE identifier CVE-2023-22795.
Versions Affected: All
Not affected: None
Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1
Impact
A specially crafted HTTP If-None-Match header can cause the regular
expression engine to enter a state of catastrophic backtracking, when on a
version of Ruby below 3.2.0. This can cause the process to use large amounts
of CPU and memory, leading to a possible DoS vulnerability All users running
an affected release should either upgrade or use one of the workarounds
immediately.
Workarounds
We recommend that all users upgrade to one of the FIXED versions. In the
meantime, users can mitigate this vulnerability by using a load balancer or
other device to filter out malicious If-None-Match headers before they reach
the application.
Users on Ruby 3.2.0 or greater are not affected by this vulnerability.
Affected versions:
["6.0.3.4", "6.0.3.3", "6.0.3.2", "6.0.3.1", "6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "6.0.3.5", "6.0.3.6", "6.0.3.7", "6.0.4", "6.0.4.1", "7.0.0.alpha2", "7.0.0.alpha1", "7.0.0.rc1", "7.0.0.rc3", "7.0.0.rc2", "6.0.4.3", "6.0.4.2", "6.0.4.4", "7.0.0", "7.0.1", "7.0.2", "7.0.2.2", "7.0.2.1", "6.0.4.6", "6.0.4.5", "7.0.2.3", "6.0.4.7", "7.0.2.4", "6.0.4.8", "7.0.3", "6.0.5", "7.0.3.1", "6.0.5.1", "7.0.4", "6.0.6", "6.0.6.1"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2023-06-26
Framework: rails
CVE: 2023-28362
The redirect_to method in Rails allows provided values to contain characters
which are not legal in an HTTP header value. This results in the potential for
downstream services which enforce RFC compliance on HTTP response headers to
remove the assigned Location header. This vulnerability has been assigned the
CVE identifier CVE-2023-28362.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4
Impact
This introduces the potential for a Cross-site-scripting (XSS) payload to be
delivered on the now static redirection page. Note that this both requires
user interaction and for a Rails app to be configured to allow redirects to
external hosts (defaults to false in Rails >= 7.0.x).
Releases
The FIXED releases are available at the normal locations.
Workarounds
Avoid providing user supplied URLs with arbitrary schemes to the redirect_to
method.
Affected versions:
["6.1.0.rc1", "6.0.3.4", "6.0.3.3", "6.0.3.2", "6.0.3.1", "6.0.3", "6.0.3.rc1", "6.0.2.2", "6.0.2.1", "6.0.2", "6.0.2.rc2", "6.0.2.rc1", "6.0.1", "6.0.1.rc1", "6.0.0", "6.0.0.rc2", "6.0.0.rc1", "6.0.0.beta3", "6.0.0.beta2", "6.0.0.beta1", "5.2.4.4", "5.2.4.3", "5.2.4.2", "5.2.4.1", "5.2.4", "5.2.4.rc1", "5.2.3", "5.2.3.rc1", "5.2.2.1", "5.2.2", "5.2.2.rc1", "5.2.1.1", "5.2.1", "5.2.1.rc1", "5.2.0", "5.2.0.rc2", "5.2.0.rc1", "5.2.0.beta2", "5.2.0.beta1", "5.1.7", "5.1.7.rc1", "5.1.6.2", "5.1.6.1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4", "5.1.4.rc1", "5.1.3", "5.1.3.rc3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.2.rc1", "5.1.1", "5.1.0", "5.1.0.rc2", "5.1.0.rc1", "5.1.0.beta1", "5.0.7.2", "5.0.7.1", "5.0.7", "5.0.6", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4", "5.0.4.rc1", "5.0.3", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc2", "5.0.1.rc1", "5.0.0.1", "5.0.0", "5.0.0.rc2", "5.0.0.rc1", "5.0.0.racecar1", "5.0.0.beta4", "5.0.0.beta3", "5.0.0.beta2", "5.0.0.beta1.1", "5.0.0.beta1", "4.2.11.3", "4.2.11.2", "4.2.11.1", "4.2.11", "4.2.10", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.9.rc1", "4.2.8", "4.2.8.rc1", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6", "4.2.6.rc1", "4.2.5.2", "4.2.5.1", "4.2.5", "4.2.5.rc2", "4.2.5.rc1", "4.2.4", "4.2.4.rc1", "4.2.3", "4.2.3.rc1", "4.2.2", "4.2.1", "4.2.1.rc4", "4.2.1.rc3", "4.2.1.rc2", "4.2.1.rc1", "4.2.0", "4.2.0.rc3", "4.2.0.rc2", "4.2.0.rc1", "4.2.0.beta4", "4.2.0.beta3", "4.2.0.beta2", "4.2.0.beta1", "4.1.16", "4.1.16.rc1", "4.1.15", "4.1.15.rc1", "4.1.14.2", "4.1.14.1", "4.1.14", "4.1.14.rc2", "4.1.14.rc1", "4.1.13", "4.1.13.rc1", "4.1.12", "4.1.12.rc1", "4.1.11", "4.1.10", "4.1.10.rc4", "4.1.10.rc3", "4.1.10.rc2", "4.1.10.rc1", "4.1.9", "4.1.9.rc1", "4.1.8", "4.1.7.1", "4.1.7", "4.1.6", "4.1.6.rc2", "4.1.6.rc1", "4.1.5", "4.1.4", "4.1.3", "4.1.2", "4.1.2.rc3", "4.1.2.rc2", "4.1.2.rc1", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.1.0.beta2", "4.1.0.beta1", "4.0.13", "4.0.13.rc1", "4.0.12", "4.0.11.1", "4.0.11", "4.0.10", "4.0.10.rc2", "4.0.10.rc1", "4.0.9", "4.0.8", "4.0.7", "4.0.6", "4.0.6.rc3", "4.0.6.rc2", "4.0.6.rc1", "4.0.5", "4.0.4", "4.0.4.rc1", "4.0.3", "4.0.2", "4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.2.22.5", "3.2.22.4", "3.2.22.3", "3.2.22.2", "3.2.22.1", "3.2.22", "3.2.21", "3.2.20", "3.2.19", "3.2.18", "3.2.17", "3.2.16", "3.2.15", "3.2.15.rc3", "3.2.15.rc2", "3.2.15.rc1", "3.2.14", "3.2.14.rc2", "3.2.14.rc1", "3.2.13", "3.2.13.rc2", "3.2.13.rc1", "3.2.12", "3.2.11", "3.2.10", "3.2.9", "3.2.9.rc3", "3.2.9.rc2", "3.2.9.rc1", "3.2.8", "3.2.8.rc2", "3.2.8.rc1", "3.2.7", "3.2.7.rc1", "3.2.6", "3.2.5", "3.2.4", "3.2.4.rc1", "3.2.3", "3.2.3.rc2", "3.2.3.rc1", "3.2.2", "3.2.2.rc1", "3.2.1", "3.2.0", "3.2.0.rc2", "3.2.0.rc1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0", "6.1.0.rc2", "6.1.0", "6.1.1", "6.1.2", "6.1.2.1", "6.0.3.5", "5.2.4.5", "6.1.3", "6.1.3.1", "6.0.3.6", "5.2.5", "6.1.3.2", "6.0.3.7", "5.2.6", "5.2.4.6", "6.0.4", "6.1.4", "6.1.4.1", "6.0.4.1", "7.0.0.alpha2", "7.0.0.alpha1", "7.0.0.rc1", "7.0.0.rc3", "7.0.0.rc2", "6.1.4.3", "6.1.4.2", "6.0.4.3", "6.0.4.2", "6.1.4.4", "6.0.4.4", "7.0.0", "7.0.1", "7.0.2", "7.0.2.2", "7.0.2.1", "6.1.4.6", "6.1.4.5", "6.0.4.6", "6.0.4.5", "5.2.6.2", "5.2.6.1", "7.0.2.3", "6.1.4.7", "6.0.4.7", "5.2.6.3", "6.1.5", "5.2.7", "7.0.2.4", "6.1.5.1", "6.0.4.8", "5.2.7.1", "7.0.3", "6.1.6", "6.0.5", "5.2.8", "7.0.3.1", "6.1.6.1", "6.0.5.1", "5.2.8.1", "7.0.4", "6.1.7", "6.0.6", "7.0.4.1", "6.0.6.1", "7.0.4.2", "7.0.4.3", "7.0.5"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6415
CVSS V2: 4.3
There is an XSS vulnerability in the numberto currency helper in Ruby on Raile.
The numberto currency helper allows users to nicely format a numeric value. One
of the parameters to the helper (unit) is not escaped correctly. Applications
which pass user controlled data as the unit parameter are vulnerable to an XSS attack.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6414
CVSS V2: 5.0
There is a denial of service vulnerability in the header handling component of
Action View.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6416
CVSS V2: 4.3
There is a vulnerability in the simpleformat helper in Ruby on Rails.
The simple format helper converts user supplied text into html text
which is intended to be safe for display. A change made to the
implementation of this helper means that any user provided HTML
attributes will not be escaped correctly. As a result of this error,
applications which pass user-controlled data to be included as html
attributes will be vulnerable to an XSS attack.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-6417
CVSS V2: 6.4
The prior fix to CVE-2013-0155 was incomplete and the use of common
3rd party libraries can accidentally circumvent the protection. Due
to the way that Rack::Request and Rails::Request interact, it is
possible for a 3rd party or custom rack middleware to parse the
parameters insecurely and store them in the same key that Rails uses
for its own parameters. In the event that happens the application
will receive unsafe parameters and could be vulnerable to the earlier
vulnerability.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2013-12-03
Framework: rails
CVE: 2013-4491
CVSS V2: 4.3
There is a vulnerability in the internationalization component of Ruby on
Rails. Under certain common configurations an attacker can provide specially
crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has
been assigned the identifier CVE-2013-4492.
Affected versions:
["4.0.1", "4.0.1.rc4", "4.0.1.rc3", "4.0.1.rc2", "4.0.1.rc1", "4.0.0", "4.0.0.rc2", "4.0.0.rc1", "4.0.0.beta1", "3.1.12", "3.1.11", "3.1.10", "3.1.9", "3.1.8", "3.1.7", "3.1.6", "3.1.5", "3.1.5.rc1", "3.1.4", "3.1.4.rc1", "3.1.3", "3.1.2", "3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "3.0.20", "3.0.19", "3.0.18", "3.0.17", "3.0.16", "3.0.15", "3.0.14", "3.0.13", "3.0.13.rc1", "3.0.12", "3.0.12.rc1", "3.0.11", "3.0.10", "3.0.10.rc1", "3.0.9", "3.0.9.rc5", "3.0.9.rc4", "3.0.9.rc3", "3.0.9.rc1", "3.0.8", "3.0.8.rc4", "3.0.8.rc2", "3.0.8.rc1", "3.0.7", "3.0.7.rc2", "3.0.7.rc1", "3.0.6", "3.0.6.rc2", "3.0.6.rc1", "3.0.5", "3.0.5.rc1", "3.0.4", "3.0.4.rc1", "3.0.3", "3.0.2", "3.0.1", "3.0.0", "3.0.0.rc2", "3.0.0.rc", "3.0.0.beta4", "3.0.0.beta3", "3.0.0.beta2", "3.0.0.beta", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2011-08-16
Framework: rails
CVE: 2011-3186
CVSS V2: 4.3
A response splitting flaw in Ruby on Rails 2.3.x was reported that could allow
a remote attacker to inject arbitrary HTTP headers into a response due to
insufficient sanitization of the values provided for response content types.
Affected versions:
["2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
Published date: 2011-11-17
Framework: rails
CVE: 2011-4319
CVSS V2: 4.3
A cross-site scripting (XSS) flaw was found in the way the 'translate' helper
method of the Ruby on Rails performed HTML escaping of interpolated user
input, when interpolation in combination with HTML-safe translations were
used. A remote attacker could use this flaw to execute arbitrary HTML or web
script by providing a specially-crafted input to Ruby on Rails application,
using the ActionPack module and its 'translate' helper method without explicit
(application specific) sanitization of user provided input.
Affected versions:
["3.1.2.rc2", "3.1.2.rc1", "3.1.1", "3.1.1.rc3", "3.1.1.rc2", "3.1.1.rc1", "3.1.0", "3.1.0.rc8", "3.1.0.rc6", "3.1.0.rc5", "3.1.0.rc4", "3.1.0.rc3", "3.1.0.rc2", "3.1.0.rc1", "3.1.0.beta1", "2.3.18", "2.3.17", "2.3.16", "2.3.15", "2.3.14", "2.3.12", "2.3.11", "2.3.10", "2.3.9", "2.3.9.pre", "2.3.8", "2.3.8.pre1", "2.3.7", "2.3.6", "2.3.5", "2.3.4", "2.3.3", "2.3.2", "2.2.3", "2.2.2", "2.1.2", "2.1.1", "2.1.0", "2.0.5", "2.0.4", "2.0.2", "2.0.1", "2.0.0", "1.13.6", "1.13.5", "1.13.4", "1.13.3", "1.13.2", "1.13.1", "1.13.0", "1.12.5", "1.12.4", "1.12.3", "1.12.2", "1.12.1", "1.12.0", "1.11.2", "1.11.1", "1.11.0", "1.10.2", "1.10.1", "1.9.1", "1.9.0", "1.8.1", "1.8.0", "1.7.0", "1.6.0", "1.5.1", "1.5.0", "1.4.0", "1.3.1", "1.3.0", "1.2.0", "1.1.0", "1.0.1", "1.0.0", "0.9.5", "0.9.0"]
Secure versions:
[7.2.0.beta2, 7.1.3.4, 7.0.8.4, 7.2.0.beta3, 7.2.0.rc1, 7.2.0, 7.2.1, 7.1.4, 8.0.0.beta1]
Recommendation:
Update to version 7.2.1.
478 Other Versions