Ruby on Rails: Security

Denial of Service Vulnerability in Action View when using render :text (CVE-2014-0082) Aaron Patterson 2/18/14
Data Injection Vulnerability in Active Record (CVE-2014-0080) Aaron Patterson 2/18/14
XSS Vulnerability in number_to_currency, number_to_percentage and number_to_human (CVE-2014-0081) Aaron Patterson 2/18/14
[CVE-2013-6416] XSS Vulnerability in simple_format helper Aaron Patterson 12/3/13
[CVE-2013-6414] Denial of Service Vulnerability in Action View Aaron Patterson 12/3/13
[CVE-2013-6415] XSS Vulnerability in number_to_currency Aaron Patterson 12/3/13
[CVE-2013-6417] Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk) Aaron Patterson 12/3/13
[CVE-2013-4491] Reflective XSS Vulnerability in Ruby on Rails Aaron Patterson 12/3/13
[CVE-2013-1854] Symbol DoS vulnerability in Active Record Aaron Patterson 3/18/13
[CVE-2013-1857] XSS Vulnerability in the `sanitize` helper of Ruby on Rails Aaron Patterson 3/18/13
[CVE-2013-1856] XML Parsing Vulnerability affecting JRuby users Aaron Patterson 3/18/13
[CVE-2013-1855] XSS vulnerability in sanitize_css in Action Pack Aaron Patterson 3/18/13
Upgrading the JSON gem Aaron Patterson 2/11/13
Patch update for [CVE-2013-0269] Aaron Patterson 2/11/13
Denial of Service and Unsafe Object Creation Vulnerability in JSON [CVE-2013-0269] Aaron Patterson 2/11/13
Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0 [CVE-2013-0277] Aaron Patterson 2/11/13
Circumvention of attr_protected [CVE-2013-0276] Aaron Patterson 2/11/13
Potential Query Manipulation with Common Rails Practises Michael Koziarski 2/6/13
Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3 Michael Koziarski 1/28/13
Maintenance policy for Ruby on Rails Michael Koziarski 1/21/13