CVE-2023-38037 |
There is a possible file disclosure of locally encrypted files in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-38037.
Versions Affected: >= 5.2.0 Not affected: < 5.2.0 Fixed Versions: 7.0.7.1, 6.1.7.5
# Impact
ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file’s permissions are defaulted to the user’s current umask settings, meaning that it’s possible for other users on the same system to read the contents of the temporary file.
Attackers that have access to the file system could possibly read the contents of this temporary file while a user is editing it.
All users running an affected release should either upgrade or use one of the workarounds immediately.
# Releases
The fixed releases are available at the normal locations.
# Workarounds
To work around this issue, you can set your umask to be more restrictive like this:
```ruby
$ umask 0077
```
|
7.0.2.2,
7.0.3.1,
5.2.6,
7.0.2.4,
6.0.4.8,
6.0.4.7,
5.2.7,
6.1.4.7
, 6.0.4.6, 6.1.0, 6.1.7.4, 7.0.4.3, 7.0.4, 6.1.7.2, 6.1.7.1, 6.1.7, 7.0.4.1, 6.0.6, 7.0.2, 6.1.6, 6.0.6.1, 6.0.5.1, 5.2.6.2, 7.0.1, 5.2.8.1, 7.0.6, 7.0.5, 7.0.4.2, 6.1.6.1, 7.0.3, 6.0.5, 6.1.5.1, 5.2.7.1, 5.2.6.3, 7.0.2.3, 6.1.4.6, 6.1.3, 6.1.2.1, 6.0.4.4, 6.0.3.4, 6.0.3.1, 6.0.0.rc2, 5.2.4.2, 6.0.0.beta2, 5.2.4.6, 5.2.4.4, 5.2.3, 5.2.4.rc1, 5.2.1.1, 5.2.1.rc1, 5.2.0, 6.0.3, 6.0.1, 6.0.3.6, 5.2.4.5, 6.0.2.2, 7.0.2.1, 6.1.3.2, 6.0.3.7, 6.0.1.rc1, 5.2.6.1, 5.2.8, 6.1.4, 6.1.5, 6.1.4.4, 6.1.3.1, 6.0.0, 6.1.1, 6.0.4.2, 6.0.3.5, 6.0.3.3, 6.0.0.beta1, 5.2.4.1, 5.2.3.rc1, 7.0.0, 6.1.0.rc2, 6.0.2.1, 6.0.2.rc1, 6.0.4.3, 6.0.3.2, 6.0.0.rc1, 6.0.0.beta3, 5.2.2.rc1, 5.2.2.1, 6.1.2, 6.0.2, 6.0.2.rc2, 6.1.4.2, 6.1.4.5, 5.2.5, 5.2.4.3, 6.0.4.1, 6.1.4.3, 7.0.7, 6.0.4, 6.1.7.3, 6.0.4.5, 6.0.3.rc1, 5.2.1, 5.2.2, 5.2.4, 6.1.0.rc1, 6.1.4.1, 7.0.5.1
(Show all)
|
Patch → 7.0.7.1 |
CVE-2023-28120 |
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.
This vulnerability has been assigned the CVE identifier CVE-2023-28120.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3
# Impact
ActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.
When these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.
Ruby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.
Users on older versions of Ruby are likely unaffected.
All users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.
# Workarounds
Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.
|
2.3.8,
3.0.12,
3.2.6,
3.2.11,
3.1.7,
1.4.4,
3.0.17,
3.2.8.rc2
, 3.2.2, 3.0.6.rc2, 3.1.11, 3.0.0.rc, 3.1.0.rc2, 3.2.3, 3.1.1, 3.1.4, 3.2.12, 3.0.0.beta3, 3.1.0.beta1, 2.3.9, 3.2.2.rc1, 3.2.0, 3.2.8.rc1, 3.2.7.rc1, 3.2.13.rc2, 3.0.7.rc1, 3.0.4, 3.1.1.rc3, 3.1.1.rc1, 3.1.0, 2.3.12, 3.0.0.beta4, 2.3.6, 2.3.5, 2.2.3, 2.3.14, 2.0.2, 1.4.3, 1.4.0, 1.3.1, 1.2.4, 1.2.2, 1.1.1, 1.0.2, 3.0.10.rc1, 3.0.7, 3.0.11, 3.1.9, 3.1.0.rc4, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.0.0.beta2, 3.1.10, 2.3.4, 3.0.20, 3.2.9, 3.2.4, 2.3.11, 3.0.0.rc2, 2.3.18, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 1.4.2, 1.3.0, 1.2.1, 1.0.1, 3.2.10, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 1.0.0, 3.2.5, 3.2.4.rc1, 3.2.3.rc2, 3.1.3, 3.1.6, 3.1.1.rc2, 3.1.0.rc8, 3.0.16, 3.1.0.rc3, 3.0.14, 3.1.0.rc1, 3.0.9, 2.3.6.pre, 3.0.pre, 1.0.4, 3.2.9.rc2, 3.0.8.rc2, 3.1.0.rc5, 2.0.1, 3.0.9.rc5, 2.0.0, 3.0.12.rc1, 1.2.5, 1.0.3, 3.2.7, 3.2.1, 3.2.9.rc3, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.1.8, 3.0.13, 2.3.10, 3.0.0, 2.3.15, 2.3.17, 3.0.8, 3.0.13.rc1, 3.1.2.rc1, 3.0.18, 3.1.5.rc1, 3.1.0.rc6, 3.1.5, 3.2.3.rc1, 3.2.9.rc1, 3.2.8, 2.0.5, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 2.0.4, 3.0.15, 3.0.0.beta, 2.3.16, 3.0.19, 2.2.2, 2.1.2, 3.2.13.rc1, 2.1.0, 1.2.3, 1.4.1, 1.1.0, 3.0.10, 4.0.13, 7.0.2.2, 7.0.3.1, 5.1.7, 4.2.11.3, 4.1.8, 3.2.22.5, 4.0.4, 5.2.6, 7.0.2.4, 6.0.4.8, 6.0.4.7, 5.2.7, 6.1.4.7, 6.0.4.6, 6.1.0, 7.0.4, 6.1.7.2, 6.1.7.1, 6.1.7, 7.0.4.1, 6.0.6, 7.0.2, 6.1.6, 6.0.6.1, 6.0.5.1, 5.2.6.2, 7.0.1, 5.2.8.1, 7.0.4.2, 6.1.6.1, 7.0.3, 6.0.5, 6.1.5.1, 5.2.7.1, 3.2.14.rc1, 5.2.6.3, 7.0.2.3, 6.1.4.6, 5.0.5.rc2, 5.0.5.rc1, 5.0.4, 5.0.2.rc1, 5.0.0.rc2, 5.0.0.rc1, 5.0.0.beta1, 5.0.0.beta1.1, 4.2.9, 4.2.6.rc1, 4.1.6.rc2, 4.1.3, 4.1.1, 4.2.0.beta4, 4.1.16.rc1, 4.1.13.rc1, 4.1.0, 4.0.10, 3.2.20, 4.0.7, 3.2.13, 3.2.0.rc1, 6.1.3, 6.1.2.1, 6.0.4.4, 6.0.3.4, 6.0.3.1, 6.0.0.rc2, 5.2.4.2, 6.0.0.beta2, 5.2.4.6, 5.2.4.4, 5.2.3, 5.2.4.rc1, 5.2.1.1, 5.2.1.rc1, 5.2.0, 5.2.0.rc2, 5.1.7.rc1, 5.1.5.rc1, 5.1.4, 5.1.3, 5.1.2.rc1, 5.1.0, 4.2.1, 5.1.0.rc1, 5.0.3, 5.0.0.racecar1, 4.2.7, 4.2.5.rc2, 4.2.1.rc1, 4.1.10, 4.1.5, 4.1.16, 4.1.14, 4.1.14.rc1, 4.2.1.rc4, 4.1.2.rc1, 4.0.9, 4.0.1.rc2, 4.0.0.beta1, 3.2.19, 3.2.0.rc2, 6.0.3, 6.0.1, 6.0.3.6, 4.1.10.rc1, 4.0.3, 4.1.0.rc1, 5.2.4.5, 3.2.22.4, 3.2.18, 3.2.15.rc3, 4.1.7, 6.0.2.2, 7.0.2.1, 3.2.15.rc2, 6.1.3.2, 6.0.3.7, 6.0.1.rc1, 5.0.0, 5.2.6.1, 4.2.8.rc1, 4.2.5.1, 4.2.2, 4.1.7.1, 4.2.0.beta2, 4.1.14.2, 4.1.0.beta2, 3.2.15, 4.2.9.rc2, 5.2.8, 3.2.16, 6.1.4, 6.1.5, 6.1.4.4, 6.1.3.1, 6.0.0, 6.1.1, 6.0.4.2, 6.0.3.5, 6.0.3.3, 6.0.0.beta1, 5.2.4.1, 5.2.3.rc1, 5.0.7.2, 4.1.0.beta1, 7.0.0, 6.1.0.rc2, 6.0.2.1, 6.0.2.rc1, 6.0.4.3, 6.0.3.2, 6.0.0.rc1, 6.0.0.beta3, 5.1.3.rc2, 5.1.2, 5.1.3.rc1, 5.1.0.beta1, 5.0.6.rc1, 5.0.0.beta3, 5.0.0.beta2, 4.2.11.2, 4.2.10.rc1, 4.2.3, 5.2.2.rc1, 3.2.22, 4.2.5, 5.2.2.1, 6.1.2, 4.2.5.rc1, 4.1.10.rc4, 4.2.7.1, 4.2.0.rc2, 4.1.14.1, 4.1.13, 4.1.4, 4.0.8, 3.2.14, 3.2.14.rc2, 4.0.6.rc3, 4.0.2, 4.0.1.rc4, 3.2.22.2, 3.2.15.rc1, 3.1.12, 5.2.0.beta2, 6.0.2, 6.0.2.rc2, 6.1.4.2, 6.1.4.5, 5.2.5, 5.2.4.3, 5.2.0.rc1, 5.1.5, 5.1.3.rc3, 5.0.7, 4.2.3.rc1, 4.2.0.rc1, 4.1.9.rc1, 4.1.15.rc1, 4.1.14.rc2, 4.0.12, 4.0.11.1, 4.0.0.rc2, 6.0.4.1, 4.1.0.rc2, 4.0.6, 4.2.10, 5.0.1, 4.1.2.rc2, 6.1.4.3, 4.0.0.rc1, 4.0.10.rc1, 4.0.1.rc1, 5.1.6, 5.0.7.1, 5.0.2, 6.0.4, 5.0.1.rc2, 5.0.1.rc1, 4.2.7.rc1, 4.2.4, 4.1.10.rc2, 4.2.4.rc1, 4.1.12, 4.0.6.rc1, 3.2.17, 4.0.10.rc2, 3.2.21, 3.2.22.1, 3.2.22.3, 4.0.0, 4.0.1.rc3, 4.0.1, 4.0.5, 4.1.2.rc3, 4.0.6.rc2, 4.1.6, 4.0.11, 4.1.9, 4.1.10.rc3, 4.1.15, 4.2.1.rc2, 4.2.0.beta3, 4.2.0.rc3, 4.2.8, 4.2.9.rc1, 4.2.11.1, 4.1.6.rc1, 5.0.0.1, 5.0.0.beta4, 4.1.11, 4.2.0, 4.1.12.rc1, 4.2.1.rc3, 5.0.6, 5.1.4.rc1, 4.2.5.2, 4.2.6, 5.1.6.2, 5.2.0.beta1, 6.0.4.5, 4.0.4.rc1, 4.0.13.rc1, 6.0.3.rc1, 5.0.5, 5.1.0.rc2, 5.1.1, 5.1.6.1, 5.2.1, 5.2.2, 5.2.4, 6.1.0.rc1, 6.1.4.1, 4.2.0.beta1, 4.1.2, 5.0.4.rc1, 4.2.11
(Show all)
|
Patch → 6.1.7.5 |
CVE-2023-22796 |
A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. |
2.3.8,
3.0.12,
3.2.6,
3.2.11,
3.1.7,
1.4.4,
3.0.17,
3.2.8.rc2
, 3.2.2, 3.0.6.rc2, 3.1.11, 3.0.0.rc, 3.1.0.rc2, 3.2.3, 3.1.1, 3.1.4, 3.2.12, 3.0.0.beta3, 3.1.0.beta1, 2.3.9, 3.2.2.rc1, 3.2.0, 3.2.8.rc1, 3.2.7.rc1, 3.2.13.rc2, 3.0.7.rc1, 3.0.4, 3.1.1.rc3, 3.1.1.rc1, 3.1.0, 2.3.12, 3.0.0.beta4, 2.3.6, 2.3.5, 2.2.3, 2.3.14, 2.0.2, 1.4.3, 1.4.0, 1.3.1, 1.2.4, 1.2.2, 1.1.1, 1.0.2, 3.0.10.rc1, 3.0.7, 3.0.11, 3.1.9, 3.1.0.rc4, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.0.0.beta2, 3.1.10, 2.3.4, 3.0.20, 3.2.9, 3.2.4, 2.3.11, 3.0.0.rc2, 2.3.18, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 1.4.2, 1.3.0, 1.2.1, 1.0.1, 3.2.10, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 1.0.0, 3.2.5, 3.2.4.rc1, 3.2.3.rc2, 3.1.3, 3.1.6, 3.1.1.rc2, 3.1.0.rc8, 3.0.16, 3.1.0.rc3, 3.0.14, 3.1.0.rc1, 3.0.9, 2.3.6.pre, 3.0.pre, 1.0.4, 3.2.9.rc2, 3.0.8.rc2, 3.1.0.rc5, 2.0.1, 3.0.9.rc5, 2.0.0, 3.0.12.rc1, 1.2.5, 1.0.3, 3.2.7, 3.2.1, 3.2.9.rc3, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.1.8, 3.0.13, 2.3.10, 3.0.0, 2.3.15, 2.3.17, 3.0.8, 3.0.13.rc1, 3.1.2.rc1, 3.0.18, 3.1.5.rc1, 3.1.0.rc6, 3.1.5, 3.2.3.rc1, 3.2.9.rc1, 3.2.8, 2.0.5, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 2.0.4, 3.0.15, 3.0.0.beta, 2.3.16, 3.0.19, 2.2.2, 2.1.2, 3.2.13.rc1, 2.1.0, 1.2.3, 1.4.1, 1.1.0, 3.0.10, 4.0.13, 7.0.2.2, 7.0.3.1, 5.1.7, 4.2.11.3, 4.1.8, 3.2.22.5, 4.0.4, 5.2.6, 7.0.2.4, 6.0.4.8, 6.0.4.7, 5.2.7, 6.1.4.7, 6.0.4.6, 6.1.0, 7.0.4, 6.1.7, 6.0.6, 7.0.2, 6.1.6, 6.0.6.1, 6.0.5.1, 5.2.6.2, 7.0.1, 5.2.8.1, 6.1.6.1, 7.0.3, 6.0.5, 6.1.5.1, 5.2.7.1, 3.2.14.rc1, 5.2.6.3, 7.0.2.3, 6.1.4.6, 5.0.5.rc2, 5.0.5.rc1, 5.0.4, 5.0.2.rc1, 5.0.0.rc2, 5.0.0.rc1, 5.0.0.beta1, 5.0.0.beta1.1, 4.2.9, 4.2.6.rc1, 4.1.6.rc2, 4.1.3, 4.1.1, 4.2.0.beta4, 4.1.16.rc1, 4.1.13.rc1, 4.1.0, 4.0.10, 3.2.20, 4.0.7, 3.2.13, 3.2.0.rc1, 6.1.3, 6.1.2.1, 6.0.4.4, 6.0.3.4, 6.0.3.1, 6.0.0.rc2, 5.2.4.2, 6.0.0.beta2, 5.2.4.6, 5.2.4.4, 5.2.3, 5.2.4.rc1, 5.2.1.1, 5.2.1.rc1, 5.2.0, 5.2.0.rc2, 5.1.7.rc1, 5.1.5.rc1, 5.1.4, 5.1.3, 5.1.2.rc1, 5.1.0, 4.2.1, 5.1.0.rc1, 5.0.3, 5.0.0.racecar1, 4.2.7, 4.2.5.rc2, 4.2.1.rc1, 4.1.10, 4.1.5, 4.1.16, 4.1.14, 4.1.14.rc1, 4.2.1.rc4, 4.1.2.rc1, 4.0.9, 4.0.1.rc2, 4.0.0.beta1, 3.2.19, 3.2.0.rc2, 6.0.3, 6.0.1, 6.0.3.6, 4.1.10.rc1, 4.0.3, 4.1.0.rc1, 5.2.4.5, 3.2.22.4, 3.2.18, 3.2.15.rc3, 4.1.7, 6.0.2.2, 7.0.2.1, 3.2.15.rc2, 6.1.3.2, 6.0.3.7, 6.0.1.rc1, 5.0.0, 5.2.6.1, 4.2.8.rc1, 4.2.5.1, 4.2.2, 4.1.7.1, 4.2.0.beta2, 4.1.14.2, 4.1.0.beta2, 3.2.15, 4.2.9.rc2, 5.2.8, 3.2.16, 6.1.4, 6.1.5, 6.1.4.4, 6.1.3.1, 6.0.0, 6.1.1, 6.0.4.2, 6.0.3.5, 6.0.3.3, 6.0.0.beta1, 5.2.4.1, 5.2.3.rc1, 5.0.7.2, 4.1.0.beta1, 7.0.0, 6.1.0.rc2, 6.0.2.1, 6.0.2.rc1, 6.0.4.3, 6.0.3.2, 6.0.0.rc1, 6.0.0.beta3, 5.1.3.rc2, 5.1.2, 5.1.3.rc1, 5.1.0.beta1, 5.0.6.rc1, 5.0.0.beta3, 5.0.0.beta2, 4.2.11.2, 4.2.10.rc1, 4.2.3, 5.2.2.rc1, 3.2.22, 4.2.5, 5.2.2.1, 6.1.2, 4.2.5.rc1, 4.1.10.rc4, 4.2.7.1, 4.2.0.rc2, 4.1.14.1, 4.1.13, 4.1.4, 4.0.8, 3.2.14, 3.2.14.rc2, 4.0.6.rc3, 4.0.2, 4.0.1.rc4, 3.2.22.2, 3.2.15.rc1, 3.1.12, 5.2.0.beta2, 6.0.2, 6.0.2.rc2, 6.1.4.2, 6.1.4.5, 5.2.5, 5.2.4.3, 5.2.0.rc1, 5.1.5, 5.1.3.rc3, 5.0.7, 4.2.3.rc1, 4.2.0.rc1, 4.1.9.rc1, 4.1.15.rc1, 4.1.14.rc2, 4.0.12, 4.0.11.1, 4.0.0.rc2, 6.0.4.1, 4.1.0.rc2, 4.0.6, 4.2.10, 5.0.1, 4.1.2.rc2, 6.1.4.3, 4.0.0.rc1, 4.0.10.rc1, 4.0.1.rc1, 5.1.6, 5.0.7.1, 5.0.2, 6.0.4, 5.0.1.rc2, 5.0.1.rc1, 4.2.7.rc1, 4.2.4, 4.1.10.rc2, 4.2.4.rc1, 4.1.12, 4.0.6.rc1, 3.2.17, 4.0.10.rc2, 3.2.21, 3.2.22.1, 3.2.22.3, 4.0.0, 4.0.1.rc3, 4.0.1, 4.0.5, 4.1.2.rc3, 4.0.6.rc2, 4.1.6, 4.0.11, 4.1.9, 4.1.10.rc3, 4.1.15, 4.2.1.rc2, 4.2.0.beta3, 4.2.0.rc3, 4.2.8, 4.2.9.rc1, 4.2.11.1, 4.1.6.rc1, 5.0.0.1, 5.0.0.beta4, 4.1.11, 4.2.0, 4.1.12.rc1, 4.2.1.rc3, 5.0.6, 5.1.4.rc1, 4.2.5.2, 4.2.6, 5.1.6.2, 5.2.0.beta1, 6.0.4.5, 4.0.4.rc1, 4.0.13.rc1, 6.0.3.rc1, 5.0.5, 5.1.0.rc2, 5.1.1, 5.1.6.1, 5.2.1, 5.2.2, 5.2.4, 6.1.0.rc1, 6.1.4.1, 4.2.0.beta1, 4.1.2, 5.0.4.rc1, 4.2.11
(Show all)
|
Patch → 6.1.7.5 |
CVE-2020-8165 |
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. |
5.1.7,
5.0.5.rc2,
5.0.5.rc1,
5.0.4,
5.0.2.rc1,
5.2.4.2,
5.2.3,
5.2.4.rc1
, 5.2.1.1, 5.2.1.rc1, 5.2.0, 5.2.0.rc2, 5.1.7.rc1, 5.1.5.rc1, 5.1.4, 5.1.3, 5.1.2.rc1, 5.1.0, 5.1.0.rc1, 5.0.3, 6.0.3, 6.0.1, 6.0.2.2, 6.0.1.rc1, 5.0.0, 6.0.0, 5.2.4.1, 5.2.3.rc1, 5.0.7.2, 6.0.2.1, 6.0.2.rc1, 5.1.3.rc2, 5.1.2, 5.1.3.rc1, 5.1.0.beta1, 5.0.6.rc1, 5.2.2.rc1, 5.2.2.1, 5.2.0.beta2, 6.0.2, 6.0.2.rc2, 5.2.0.rc1, 5.1.5, 5.1.3.rc3, 5.0.7, 5.0.1, 5.1.6, 5.0.7.1, 5.0.2, 5.0.1.rc2, 5.0.1.rc1, 5.0.0.1, 5.0.6, 5.1.4.rc1, 5.1.6.2, 5.2.0.beta1, 6.0.3.rc1, 5.0.5, 5.1.0.rc2, 5.1.1, 5.1.6.1, 5.2.1, 5.2.2, 5.2.4, 5.0.4.rc1
(Show all)
|
Patch → 6.1.7.5 |
CVE-2015-3227 |
The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth. |
2.3.8,
3.0.12,
3.2.6,
3.2.11,
3.1.7,
1.4.4,
3.0.17,
3.2.8.rc2
, 3.2.2, 3.0.6.rc2, 3.1.11, 3.0.0.rc, 3.1.0.rc2, 3.2.3, 3.1.1, 3.1.4, 3.2.12, 3.0.0.beta3, 3.1.0.beta1, 2.3.9, 3.2.2.rc1, 3.2.0, 3.2.8.rc1, 3.2.7.rc1, 3.2.13.rc2, 3.0.7.rc1, 3.0.4, 3.1.1.rc3, 3.1.1.rc1, 3.1.0, 2.3.12, 3.0.0.beta4, 2.3.6, 2.3.5, 2.2.3, 2.3.14, 2.0.2, 1.4.3, 1.4.0, 1.3.1, 1.2.4, 1.2.2, 1.1.1, 1.0.2, 3.0.10.rc1, 3.0.7, 3.0.11, 3.1.9, 3.1.0.rc4, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.0.0.beta2, 3.1.10, 2.3.4, 3.0.20, 3.2.9, 3.2.4, 2.3.11, 3.0.0.rc2, 2.3.18, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 1.4.2, 1.3.0, 1.2.1, 1.0.1, 3.2.10, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 1.0.0, 3.2.5, 3.2.4.rc1, 3.2.3.rc2, 3.1.3, 3.1.6, 3.1.1.rc2, 3.1.0.rc8, 3.0.16, 3.1.0.rc3, 3.0.14, 3.1.0.rc1, 3.0.9, 2.3.6.pre, 3.0.pre, 1.0.4, 3.2.9.rc2, 3.0.8.rc2, 3.1.0.rc5, 2.0.1, 3.0.9.rc5, 2.0.0, 3.0.12.rc1, 1.2.5, 1.0.3, 3.2.7, 3.2.1, 3.2.9.rc3, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.1.8, 3.0.13, 2.3.10, 3.0.0, 2.3.15, 2.3.17, 3.0.8, 3.0.13.rc1, 3.1.2.rc1, 3.0.18, 3.1.5.rc1, 3.1.0.rc6, 3.1.5, 3.2.3.rc1, 3.2.9.rc1, 3.2.8, 2.0.5, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 2.0.4, 3.0.15, 3.0.0.beta, 2.3.16, 3.0.19, 2.2.2, 2.1.2, 3.2.13.rc1, 2.1.0, 1.2.3, 1.4.1, 1.1.0, 3.0.10, 4.0.13, 4.1.8, 3.2.22.5, 4.0.4, 3.2.14.rc1, 4.1.6.rc2, 4.1.3, 4.1.1, 4.1.0, 4.0.10, 3.2.20, 4.0.7, 3.2.13, 3.2.0.rc1, 4.2.1, 4.2.1.rc1, 4.1.10, 4.1.5, 4.2.1.rc4, 4.1.2.rc1, 4.0.9, 4.0.1.rc2, 4.0.0.beta1, 3.2.19, 3.2.0.rc2, 4.1.10.rc1, 4.0.3, 4.1.0.rc1, 3.2.22.4, 3.2.18, 3.2.15.rc3, 4.1.7, 3.2.15.rc2, 4.1.7.1, 4.1.0.beta2, 3.2.15, 3.2.16, 4.1.0.beta1, 3.2.22, 4.1.10.rc4, 4.1.4, 4.0.8, 3.2.14, 3.2.14.rc2, 4.0.6.rc3, 4.0.2, 4.0.1.rc4, 3.2.22.2, 3.2.15.rc1, 3.1.12, 4.1.9.rc1, 4.0.12, 4.0.11.1, 4.0.0.rc2, 4.1.0.rc2, 4.0.6, 4.1.2.rc2, 4.0.0.rc1, 4.0.10.rc1, 4.0.1.rc1, 4.1.10.rc2, 4.0.6.rc1, 3.2.17, 4.0.10.rc2, 3.2.21, 3.2.22.1, 3.2.22.3, 4.0.0, 4.0.1.rc3, 4.0.1, 4.0.5, 4.1.2.rc3, 4.0.6.rc2, 4.1.6, 4.0.11, 4.1.9, 4.1.10.rc3, 4.2.1.rc2, 4.1.6.rc1, 4.2.0, 4.2.1.rc3, 4.0.4.rc1, 4.0.13.rc1, 4.1.2
(Show all)
|
Patch → 6.1.7.5 |
CVE-2015-3226 |
Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding. |
4.1.8,
4.1.6.rc2,
4.1.3,
4.1.1,
4.1.0,
4.2.1,
4.2.1.rc1,
4.1.10
, 4.1.5, 4.2.1.rc4, 4.1.2.rc1, 4.1.10.rc1, 4.1.7, 4.1.7.1, 4.1.10.rc4, 4.1.4, 4.1.9.rc1, 4.1.2.rc2, 4.1.10.rc2, 4.1.2.rc3, 4.1.6, 4.1.9, 4.1.10.rc3, 4.2.1.rc2, 4.1.6.rc1, 4.2.0, 4.2.1.rc3, 4.1.2
(Show all)
|
Patch → 6.1.7.5 |
CVE-2013-1856 |
The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is used, does not properly restrict the capabilities of the XML parser, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving (1) an external DTD or (2) an external entity declaration in conjunction with an entity reference. |
3.0.12,
3.2.6,
3.2.11,
3.1.7,
3.0.17,
3.2.8.rc2,
3.2.2,
3.0.6.rc2
, 3.1.11, 3.1.0.rc2, 3.2.3, 3.1.1, 3.1.4, 3.2.12, 3.1.0.beta1, 3.2.2.rc1, 3.2.0, 3.2.8.rc1, 3.2.7.rc1, 3.2.13.rc2, 3.0.7.rc1, 3.0.4, 3.1.1.rc3, 3.1.1.rc1, 3.1.0, 3.0.10.rc1, 3.0.7, 3.0.11, 3.1.9, 3.1.0.rc4, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.1.10, 3.0.20, 3.2.9, 3.2.4, 3.2.10, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 3.2.5, 3.2.4.rc1, 3.2.3.rc2, 3.1.3, 3.1.6, 3.1.1.rc2, 3.1.0.rc8, 3.0.16, 3.1.0.rc3, 3.0.14, 3.1.0.rc1, 3.0.9, 3.2.9.rc2, 3.0.8.rc2, 3.1.0.rc5, 3.0.9.rc5, 3.0.12.rc1, 3.2.7, 3.2.1, 3.2.9.rc3, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.1.8, 3.0.13, 3.0.0, 3.0.8, 3.0.13.rc1, 3.1.2.rc1, 3.0.18, 3.1.5.rc1, 3.1.0.rc6, 3.1.5, 3.2.3.rc1, 3.2.9.rc1, 3.2.8, 3.0.3, 3.0.9.rc4, 3.0.15, 3.0.19, 3.2.13.rc1, 3.0.10
(Show all)
|
Patch → 6.1.7.5 |
CVE-2013-0333 |
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156. |
2.3.8,
3.0.12,
3.0.17,
3.0.6.rc2,
2.3.9,
3.0.7.rc1,
3.0.4,
2.3.12
, 2.3.6, 2.3.5, 2.3.14, 3.0.10.rc1, 3.0.7, 3.0.11, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 2.3.4, 2.3.11, 2.3.8.pre1, 2.3.2, 2.3.7, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.0.16, 3.0.14, 3.0.9, 2.3.6.pre, 3.0.8.rc2, 3.0.9.rc5, 3.0.12.rc1, 3.0.9.rc3, 3.0.8.rc1, 3.0.13, 2.3.10, 3.0.0, 2.3.15, 3.0.8, 3.0.13.rc1, 3.0.18, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 3.0.15, 3.0.19, 3.0.10
(Show all)
|
Patch → 6.1.7.5 |
CVE-2012-3464 |
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character. |
2.3.8,
3.0.12,
3.2.6,
3.1.7,
1.4.4,
3.2.8.rc2,
3.2.2,
3.0.6.rc2
, 3.0.0.rc, 3.2.3, 3.1.1, 3.1.4, 3.0.0.beta3, 2.3.9, 3.2.2.rc1, 3.2.0, 3.2.8.rc1, 3.2.7.rc1, 3.0.7.rc1, 3.0.4, 3.1.1.rc3, 3.1.1.rc1, 3.1.0, 2.3.12, 3.0.0.beta4, 2.3.6, 2.3.5, 2.2.3, 2.3.14, 2.0.2, 1.4.3, 1.4.0, 1.3.1, 1.2.4, 1.2.2, 1.1.1, 1.0.2, 3.0.10.rc1, 3.0.7, 3.0.11, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.0.0.beta2, 2.3.4, 3.2.4, 2.3.11, 3.0.0.rc2, 2.3.18, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 1.4.2, 1.3.0, 1.2.1, 1.0.1, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 1.0.0, 3.2.5, 3.2.4.rc1, 3.2.3.rc2, 3.1.3, 3.1.6, 3.1.1.rc2, 3.0.16, 3.0.14, 3.0.9, 2.3.6.pre, 3.0.pre, 1.0.4, 3.0.8.rc2, 2.0.1, 3.0.9.rc5, 2.0.0, 3.0.12.rc1, 1.2.5, 1.0.3, 3.2.7, 3.2.1, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.0.13, 2.3.10, 3.0.0, 2.3.15, 2.3.17, 3.0.8, 3.0.13.rc1, 3.1.2.rc1, 3.1.5.rc1, 3.1.5, 3.2.3.rc1, 2.0.5, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 2.0.4, 3.0.15, 3.0.0.beta, 2.3.16, 2.2.2, 2.1.2, 2.1.0, 1.2.3, 1.4.1, 1.1.0, 3.0.10
(Show all)
|
Patch → 6.1.7.5 |
CVE-2012-1098 |
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods. |
3.0.6.rc2,
3.1.1,
3.2.2.rc1,
3.2.0,
3.0.7.rc1,
3.0.4,
3.1.1.rc3,
3.1.1.rc1
, 3.1.0, 3.0.10.rc1, 3.0.7, 3.0.11, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.1.2, 3.1.3, 3.1.1.rc2, 3.0.9, 3.0.8.rc2, 3.0.9.rc5, 3.0.12.rc1, 3.2.1, 3.0.9.rc3, 3.0.8.rc1, 3.1.4.rc1, 3.1.2.rc2, 3.0.0, 3.0.8, 3.1.2.rc1, 3.0.3, 3.0.9.rc4, 3.0.10
(Show all)
|
Patch → 6.1.7.5 |
CVE-2011-2932 |
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a "UTF-8 escaping vulnerability." |
2.3.8,
3.0.6.rc2,
2.3.9,
3.0.7.rc1,
3.0.4,
2.3.12,
2.3.6,
2.3.5
, 2.2.3, 2.0.2, 3.0.10.rc1, 3.0.7, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 2.3.4, 2.3.11, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.9.rc1, 3.0.8.rc4, 3.0.6.rc1, 3.0.9, 2.3.6.pre, 3.0.8.rc2, 2.0.1, 3.0.9.rc5, 2.0.0, 3.0.9.rc3, 3.0.8.rc1, 2.3.10, 3.0.0, 3.0.8, 2.0.5, 2.3.9.pre, 3.0.3, 3.0.9.rc4, 2.0.4, 2.2.2, 2.1.2, 2.1.0
(Show all)
|
Patch → 6.1.7.5 |
CVE-2011-2197 |
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a problematic string method, as demonstrated by the sub method. |
2.3.8,
3.0.6.rc2,
2.3.9,
3.0.7.rc1,
3.0.4,
2.3.6,
2.3.5,
2.2.3
, 2.0.2, 3.0.1, 3.0.5, 3.0.5.rc1, 3.0.2, 2.3.4, 2.3.8.pre1, 2.3.2, 2.3.7, 2.1.1, 3.0.7.rc2, 3.0.6, 3.0.4.rc1, 2.3.3, 3.0.6.rc1, 2.3.6.pre, 2.0.1, 2.0.0, 2.3.10, 3.0.0, 2.0.5, 2.3.9.pre, 3.0.3, 2.0.4, 2.2.2, 2.1.2, 2.1.0
(Show all)
|
Patch → 6.1.7.5 |
CVE-2009-3086 |
A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote attackers to forge a digest via multiple attempts. |
2.3.2,
2.1.1,
2.3.3,
2.2.2,
2.1.2,
2.1.0
|
Patch → 6.1.7.5 |
CVE-2009-3009 |
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper. |
2.0.2,
2.3.2,
2.1.1,
2.3.3,
2.0.1,
2.0.0,
2.0.5,
2.0.4
, 2.2.2, 2.1.2, 2.1.0
(Show all)
|
Patch → 6.1.7.5 |