Filtered by vendor Rubyonrails
Subscriptions
Filtered by product Rails
Subscriptions
Total
123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16476 | 2 Redhat, Rubyonrails | 3 Cloudforms, Cloudforms Managementengine, Rails | 2024-11-21 | N/A |
| A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1. | ||||
| CVE-2011-1497 | 1 Rubyonrails | 1 Rails | 2024-11-21 | 6.1 Medium |
| A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. | ||||
| CVE-2010-3299 | 2 Debian, Rubyonrails | 2 Debian Linux, Rails | 2024-11-21 | 6.5 Medium |
| The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. | ||||