RSS   Podatności dla 'Rails'   RSS

2021-10-19
 
CVE-2011-1497

CWE-79
 

 
A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.

 
2021-10-18
 
CVE-2021-22942

CWE-601
 

 
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

 
2021-02-11
 
CVE-2021-22881

CWE-601
 

 
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. When an allowed host contains a leading dot, a specially crafted `Host` header can be used to redirect to a malicious website.

 
 
CVE-2021-22880

CWE-400
 

 
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.

 
2021-01-06
 
CVE-2020-8264

CWE-79
 

 
In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware.

 
2020-07-02
 
CVE-2020-8185

CWE-400
 

 
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.

 
 
CVE-2020-8166

CWE-352
 

 
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.

 
 
CVE-2020-8163

CWE-94
 

 
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.

 
2020-06-19
 
CVE-2020-8167

CWE-352
 

 
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.

 
 
CVE-2020-8165

CWE-502
 

 
A deserialization of untrusted data vulnernerability exists in rails < 5.2.5, rails < 6.0.4 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.

 


Copyright 2021, cxsecurity.com

 

Back to Top