Https Github.Com Rails Rails vulnerabilities

CVE-2023-22792 [HIGH] CWE-400 CVE-2023-22792: A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Sp A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to

CVE-2022-44566 [HIGH] CWE-400 CVE-2022-44566: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1 A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting

CVE-2023-22794 [HIGH] CWE-89 CVE-2023-22794: A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comme A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be

CVE-2023-22796 [HIGH] CWE-400 CVE-2023-22796: A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially cr A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.

CVE-2023-22795 [HIGH] CWE-400 CVE-2023-22795: A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and

CVE-2023-22797 [MEDIUM] CWE-601 CVE-2023-22797: An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redire An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an

CVE-2022-32224 [CRITICAL] CWE-502 CVE-2022-32224: A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Recor A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.

CVE-2022-21831 [CRITICAL] CWE-94 CVE-2022-21831: A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker t A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.

CVE-2022-22577 [MEDIUM] CWE-79 CVE-2022-22577: An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.

CVE-2022-27777 [MEDIUM] CWE-79 CVE-2022-27777: A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.

CVE-2021-44528 [MEDIUM] CWE-601 CVE-2021-44528: A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.

CVE-2021-22942 [MEDIUM] CWE-601 CVE-2021-22942: A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

CVE-2021-22904 [HIGH] CWE-400 CVE-2021-22904: The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of se The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication.

CVE-2021-22902 [HIGH] CWE-400 CVE-2021-22902: The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6. The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of Action Dispatch. Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expressi

CVE-2021-22903 [MEDIUM] CWE-601 CVE-2021-22903: The actionpack ruby gem before 6 The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper es

CVE-2021-22885 [HIGH] CWE-209 CVE-2021-22885: A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0. A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input.

CVE-2021-22880 [HIGH] CWE-400 CVE-2021-22880: The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expr The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS at

CVE-2021-22881 [MEDIUM] CWE-601 CVE-2021-22881: The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redire The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts wi

CVE-2020-8264 [MEDIUM] CWE-79 CVE-2020-8264: In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in de In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware.

CVE-2020-8163 [HIGH] CWE-94 CVE-2020-8163: The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacke The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.