CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47887 – Action Controller has possible ReDoS vulnerability in HTTP Token authentication
https://notcve.org/view.php?id=CVE-2024-47887
16 Oct 2024 — Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authentication via `authenticate_or_request_with_http_token` or similar, a carefully crafted header may cause header parsing to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an a... • https://github.com/rails/rails/commit/56b2fc3302836405b496e196a8d5fc0195e55049 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41128 – Action Dispatch has possible ReDoS vulnerability in query parameter filtering
https://notcve.org/view.php?id=CVE-2024-41128
16 Oct 2024 — Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to version 6.1.7.9, 7.0.8.5, 7.1.4.1, ... • https://access.redhat.com/security/cve/cve-2024-41128 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 1CVE-2024-26144 – Possible Sensitive Session Information Leak in Active Storage
https://notcve.org/view.php?id=CVE-2024-26144
27 Feb 2024 — Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. • https://github.com/gmo-ierae/CVE-2024-26144-test • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26143 – Rails Possible XSS Vulnerability in Action Controller
https://notcve.org/view.php?id=CVE-2024-26143
27 Feb 2024 — Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1. Rails es un framework de aplicación web. • https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2024-26142 – Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch
https://notcve.org/view.php?id=CVE-2024-26142
27 Feb 2024 — Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails es un framework de aplicación web. • https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-2179
https://notcve.org/view.php?id=CVE-2015-2179
12 Dec 2023 — The xaviershay-dm-rails gem 0.10.3.8 for Ruby allows local users to discover MySQL credentials by listing a process and its arguments. xaviershay-dm-rails gem 0.10.3.8 para Ruby permite a los usuarios locales descubrir las credenciales de MySQL enumerando un proceso y sus argumentos. • http://www.vapid.dhs.org/advisory.php?v=115 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27539 – rubygem-rack: denial of service in header parsing
https://notcve.org/view.php?id=CVE-2023-27539
25 Apr 2023 — There is a denial of service vulnerability in the header parsing component of Rack. A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an applic... • https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 1CVE-2023-27849
https://notcve.org/view.php?id=CVE-2023-27849
24 Apr 2023 — rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function. • https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23913 – Debian Security Advisory 5389-1
https://notcve.org/view.php?id=CVE-2023-23913
17 Apr 2023 — There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute. Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033263 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28120 – rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice
https://notcve.org/view.php?id=CVE-2023-28120
17 Apr 2023 — There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed. Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This update also fixes a regr... • https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •