rails Summary
Latest vulnerabilities published by rails

| Title | CVE | Vendor | Product | CVSS | Severity |
|---|---|---|---|---|---|
| Unescaped ANSI Sequences Vulnerability in Active Record by Rails | CVE-2025-55193 | Rails | Rails | 2.7 | LOW |
| DOM-based Cross-Site Scripting in Rails Framework Affecting Rails-ujs | CVE-2023-23913 | Rails | Rails-ujs | | |
| Deserialization Vulnerability in Kredis by Ruby on Rails | CVE-2023-27531 | Rails | Kredis Json | | |
| Denial of Service Vulnerability in Rack's Header Parsing Component | CVE-2023-27539 | Rails | Rack | | |
| HTTP Header Vulnerability in Ruby on Rails | CVE-2023-28362 | Rails | Action Pack | | |
| File Permission Vulnerability in ActiveSupport for Ruby on Rails | CVE-2023-38037 | Rails | Activesupport | | |
| XSS Vulnerability in ActiveSupport Affects Ruby on Rails | CVE-2023-28120 | Rails | Activesupport | | |
| Possible XSS vulnerability in Rails::HTML::Sanitizer | CVE-2024-53985 | Rails | Rails-html-sanitizer | | |
| Possible XSS Vulnerability in Rails HTML Sanitizer | CVE-2024-53987 | Rails | Rails-html-sanitizer | | |
| Possible XSS Vulnerability in Rails HTML Sanitizer | CVE-2024-53986 | Rails | Rails-html-sanitizer | | |
| Possible XSS Vulnerability in Rails::HTML::Sanitizer 1.6.0 | CVE-2024-53988 | Rails | Rails-html-sanitizer | | |
| Possible XSS Vulnerability in Rails HTML Sanitizer | CVE-2024-53989 | Rails | Rails-html-sanitizer | | |
| Possible ReDoS Vulnerability in Action Mailer's Block Format Helper | CVE-2024-47889 | Rails | Rails | | |
| Possible DoS Vulnerability in Action Controller's HTTP Token Authentication | CVE-2024-47887 | Rails | Rails | | |
| Possible DoS Vulnerability in Action Dispatch Due to Insufficient Filtering of Query Parameters | CVE-2024-41128 | Rails | Rails | | |
| Action Pack Fixes Permissions-Policy Vulnerability | CVE-2024-28103 | Rails | Rails | 9.8 | CRITICAL |
| Possible Sensitive Session Information Leak in Active Storage | CVE-2024-26144 | Rails | Rails | 5.3 | MEDIUM |
| Possible XSS Vulnerability in Rails' Translation Helpers | CVE-2024-26143 | Rails | Rails | 6.1 | MEDIUM |
| Possible ReDoS Vulnerability in Rails Accept Header Parsing | CVE-2024-26142 | Rails | Rails | 7.5 | HIGH |
| Remote Code Execution Vulnerability in rails-routes-to-json by Omnitaint | CVE-2023-27849 | Rails-routes-to-j... | Rails-routes-to-json | 9.8 | CRITICAL |
| Improper Neutralization of Script-Related HTML Tags in a Web Page in pay | CVE-2023-30614 | Pay-rails | Pay | 7.1 | HIGH |
| rails-cv-app uploaded_files_controller.rb path traversal | CVE-2014-125033 | Rails-cv-app Project | Rails-cv-app | 3.5 | LOW |
| rails-html-sanitizer contains an incomplete fix for an XSS vulnerability | CVE-2022-23520 | Rails | Rails-html-sanitizer | 6.1 | MEDIUM |
| Possible XSS vulnerability with certain configurations of rails-html-sanitizer | CVE-2022-23519 | Rails | Rails-html-sanitizer | 6.1 | MEDIUM |
| Improper neutralization of data URIs allows XSS in rails-html-sanitizer | CVE-2022-23518 | Rails | Rails-html-sanitizer | 6.1 | MEDIUM |