Ruby on Rails: Security

Showing 1-20 of 125 topics
[CVE-2021-22881] Possible Open Redirect in Host Authorization Middleware Rafael França 2/10/21
[CVE-2021-22880] Possible DoS Vulnerability in Active Record PostgreSQL adapter Rafael França 2/10/21
[CVE-2020-8264] Possible XSS Vulnerability in Action Pack in Development Mode Aaron Patterson 10/7/20
[CVE-2020-15169] Potential XSS vulnerability in Action View George Claghorn 9/9/20
[CVE-2020-8185] Untrusted users able to run pending migrations in production Aaron Patterson 6/17/20
[CVE-2020-8184] Percent-encoded cookies can be used to overwrite existing prefixed cookie names Aaron Patterson 6/15/20
[CVE-2020-8167] CSRF Vulnerability in rails-ujs Aaron Patterson 5/18/20
[CVE-2020-8166] Ability to forge per-form CSRF tokens given a global CSRF token Aaron Patterson 5/18/20
[CVE-2020-8165] Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore Aaron Patterson 5/18/20
[CVE-2020-8164] Possible Strong Parameters Bypass in ActionPack Aaron Patterson 5/18/20
[CVE-2020-8162] Circumvention of file size limits in ActiveStorage Aaron Patterson 5/18/20
[CVE-2020-8163] Potential remote code execution of user-provided local names in Rails < 5.0.1 Aaron Patterson 5/15/20
[CVE-2020-8161] Directory traversal in Rack::Directory Aaron Patterson 5/12/20
[CVE-2020-8159] Arbitrary file write/potential remote code execution in actionpack_page-caching Aaron Patterson 5/6/20
[CVE-2020-8151] Possible information disclosure issue in Active Resource Aaron Patterson 5/5/20
[CVE-2020-5267] Possible XSS vulnerability in ActionView Aaron Patterson 3/19/20
[CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View Aaron Patterson 3/22/19
[CVE-2019-5418] File Content Disclosure in Action View Aaron Patterson 3/13/19
[CVE-2019-5419] Denial of Service Vulnerability in Action View Aaron Patterson 3/13/19
[CVE-2019-5420] Possible Remote Code Execution Exploit in Rails Development Mode Aaron Patterson 3/13/19