Rails vulnerabilities
13 known vulnerabilities affecting rails/rails.

Total CVEs: 13
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1, MEDIUM 9, LOW 2

Vulnerabilities
CVE-2025-55193 | LOW | CVSS 2.7 | CWE-150 | Affected: >= 0, < 7.1.5.2; >= 7.2, < 7.2.2.2; +1 more | Published: 2025-08-13
Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.
Sources: cvelistv5, nvd
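The practical fix for the log-injection class CVE-2025-55193 belongs to is to escape control bytes before a request-supplied value reaches a log line. The following is an added example, not Rails' own logging code; the helper names are ours and the hostile ID is constructed.

```ruby
# Added example (not Rails code): escape control characters before a
# user-supplied value is written to a log, so an ID such as "1\e[2J"
# cannot emit terminal escape sequences when the log is tailed.
# ANSI sequences start with ESC (0x1B); the other C0 controls
# (0x00-0x1F) and DEL (0x7F) are escaped too, since terminals act on
# several of them (CR, BS, BEL) as well.

CONTROL_CHARS = /[\x00-\x1f\x7f]/

# Returns a copy of `value` with every control byte replaced by a
# visible \xNN escape. Hypothetical helper name, not a Rails API.
def escape_for_log(value)
  value.to_s.gsub(CONTROL_CHARS) { |c| format("\\x%02X", c.ord) }
end

# Constructed sample: an ID that tries to clear the screen and print a
# fake "Login OK" line after the real log entry.
HOSTILE_ID = "42\e[2J\e[1;31mLogin OK\e[0m\n"

def log_line(id)
  "Find by id=#{escape_for_log(id)}"
end

puts log_line(HOSTILE_ID)
```

Escaping at the logging boundary, rather than validating the ID, also covers the case where the value is legitimately a string (UUIDs, slugs) and cannot simply be cast to an integer.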
CVE-2024-54133 | LOW | CVSS 2.3 | CWE-79 | Affected: >= 5.2.0, < 7.0.8.7; >= 7.1.0, < 7.1.5.1; +2 more | Published: 2024-12-10
Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the `content_security_policy` helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set Content-Security-Policy (CSP) headers dynamically from u…
Sources: cvelistv5, nvd
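The hazard in CVE-2024-54133 is a request-derived value reaching the header unchecked: a value containing `;` terminates the current directive, so whatever follows becomes the attacker's own directive. Below is an added example of the allow-list check an application can apply before any dynamic value is interpolated; it is not Rails' patched helper, and the accepted source shapes and helper names are this example's own assumptions.

```ruby
# Added example, not Action Pack's implementation: validate each source
# expression before it is interpolated into a Content-Security-Policy
# header built from request data. ";" or "," would end the directive and
# let the caller append directives; whitespace would smuggle in extra
# source expressions. Neither can pass the patterns below.

# Accepted shapes (an allow-list chosen for this example):
#   'self' 'none' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'
#   'nonce-<base64>' / 'sha256-<base64>' (and sha384/sha512)
#   [scheme://][*.]host[:port][/path]
KEYWORD_SOURCES = %w['self' 'none' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'].freeze
HASH_OR_NONCE   = %r{\A'(?:nonce|sha256|sha384|sha512)-[A-Za-z0-9+/=_-]+'\z}
HOST_SOURCE     = %r{\A(?:https?://)?(?:\*\.)?[A-Za-z0-9.-]+(?::\d{1,5})?(?:/[A-Za-z0-9._~/-]*)?\z}

# Returns the value unchanged when it is one well-formed source
# expression and raises otherwise.
def csp_source(value)
  value = value.to_s
  ok = KEYWORD_SOURCES.include?(value) ||
       value.match?(HASH_OR_NONCE) ||
       value.match?(HOST_SOURCE)
  raise ArgumentError, "invalid CSP source: #{value.inspect}" unless ok
  value
end

# Builds one directive from sources, some of which may come from the
# request (a tenant's configured CDN host, for instance).
def script_src_directive(sources)
  "script-src #{sources.map { |s| csp_source(s) }.join(' ')}"
end

# Constructed samples: a legitimate CDN host and a hostile value that
# tries to append a second, permissive script-src directive.
SAFE_HOST    = "https://cdn.example.com"
HOSTILE_HOST = "https://cdn.example.com; script-src 'unsafe-inline' *"

puts script_src_directive(["'self'", SAFE_HOST])
```

Rejecting (raising) rather than stripping is deliberate: a silently "cleaned" value can still produce a policy that is weaker than the developer intended, whereas an exception surfaces the bad input where it is set.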
CVE-2024-47889 | MEDIUM | CVSS 6.6 | CWE-1333 | Affected: >= 3.0.0, < 6.1.7.9; >= 7.0.0, < 7.0.8.5; +2 more | Published: 2024-10-16
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resultin…
Sources: cvelistv5, nvd
CVE-2024-41128 | MEDIUM | CVSS 6.6 | CWE-770 | Affected: >= 3.1.0, < 6.1.7.9; >= 7.0.0, < 7.0.8.5; +2 more | Published: 2024-10-16
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters can cause query parameter filtering to take an unexpec…
Sources: cvelistv5, nvd
CVE-2024-47887 | MEDIUM | CVSS 6.6 | CWE-1333 | Affected: >= 4.0.0, < 6.1.7.9; >= 7.0.0, < 7.0.8.5; +2 more | Published: 2024-10-16
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authentication via `authenticate_or_request_with_http_token` or si…
Sources: cvelistv5, nvd
CVE-2024-47888 | MEDIUM | CVSS 6.6 | CWE-1333 | Affected: >= 6.0.0, < 6.1.7.9; >= 7.0.0, < 7.0.8.5; +2 more | Published: 2024-10-16
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the `plain_text_for_blockquote_node` helper in Action Text. Carefully crafted text can cause the `plain_text_for_blockquote_node` helper to take an unexpected a…
Sources: cvelistv5, nvd
CVE-2024-28103 | CRITICAL | CVSS 9.8 | CWE-20 | Affected: >= 6.1.0.0, < 6.1.7.8; >= 7.0.0.0, < 7.0.8.4; +2 more | Published: 2024-06-04
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Sources: cvelistv5, nvd
CVE-2024-32464 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: >= 7.1.0, < 7.1.3.4; = 7.2.0.beta1 | Published: 2024-06-04
Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This vulnerability is fixed in 7.1.3.4 and 7.2.0.beta2.
Sources: cvelistv5, nvd
CVE-2024-26142 | HIGH | CVSS 7.5 | CWE-1333 | Affected: >= 7.1.0, < 7.1.3.1 | Published: 2024-02-27
Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected.
Sources: cvelistv5, nvd
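The five ReDoS entries on this page (CVE-2024-47889, CVE-2024-41128, CVE-2024-47887, CVE-2024-47888 and CVE-2024-26142) share one shape: a backtracking regex applied to attacker-controlled header, parameter or body text. Two defences compose. Parse with string splitting so the work is proportional to input length, and for regexes you cannot replace, cap the input and give the engine a deadline with `Regexp.timeout`, which is the Ruby 3.2 mitigation the last entry refers to. The block below is an added example written for this page, not Action Dispatch's parser; the length limit, header sample and helper names are its own assumptions.

```ruby
# Added example, not Action Dispatch's code: a linear-time Accept header
# parser plus a timeout-bounded wrapper for regexes you keep.

MAX_HEADER_LEN = 4096 # hypothetical limit chosen for this example

MediaRange = Struct.new(:type, :q)

# Splits "text/html;q=0.9, */*;q=0.1" into MediaRange values sorted by
# descending q (stable for ties). Only split/strip are used, so the cost
# is proportional to the header length and no crafted input can make it
# slow. Over-long headers are refused outright.
def parse_accept(header)
  header = header.to_s
  return [] if header.length > MAX_HEADER_LEN

  ranges = header.split(",").filter_map do |part|
    type, *params = part.split(";").map(&:strip)
    next if type.nil? || type.empty?
    q = 1.0
    params.each do |p|
      k, v = p.split("=", 2)
      next unless k&.strip == "q"
      # Float(..., exception: false) returns nil for garbage ("q=banana")
      q = (Float(v.to_s.strip, exception: false) || 0.0).clamp(0.0, 1.0)
    end
    MediaRange.new(type, q)
  end
  ranges.sort_by.with_index { |r, i| [-r.q, i] }
end

# For regexes you cannot rewrite, bound the engine's running time. Ruby
# >= 3.2 accepts a per-regex timeout; on older Rubies only the length cap
# applies, so the fallback branch is a gap the caller should know about.
def bounded_match?(regex, input, seconds: 0.05)
  return false if input.length > MAX_HEADER_LEN
  if Regexp.respond_to?(:timeout=)
    Regexp.new(regex.source, regex.options, timeout: seconds).match?(input)
  else
    regex.match?(input)
  end
rescue Regexp::TimeoutError
  false # an exhausted budget is "no match"; log it in real code
end

# Constructed sample header.
SAMPLE_ACCEPT = "text/html;q=0.9, application/json, */*;q=0.1"

parse_accept(SAMPLE_ACCEPT).each { |r| puts "#{r.type} q=#{r.q}" }
```

The `Regexp.timeout` route is a backstop, not a fix: the request still burns up to the budget on every attempt, so the length cap and the non-backtracking parser are what actually remove the amplification.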
CVE-2024-26144 | MEDIUM | CVSS 5.3 | CWE-200 | Affected: >= 5.2.0, < 6.1.7.7; >= 7.0.0, < 7.0.8.1 | Published: 2024-02-27
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an inform…
Sources: cvelistv5, nvd
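Two of the entries above are response-header invariants that an application can enforce itself, at the Rack layer, regardless of framework version: CVE-2024-28103 (Permissions-Policy only on HTML responses) and CVE-2024-26144 (a Set-Cookie on a publicly cacheable blob response). The middleware below is an added example, not Rails' fix for either issue; it needs no gems because Rack middleware is only an object whose `call(env)` returns a status, headers and body. The policy string, the sample app and the class name are assumptions for this example.

```ruby
# Added example (not Rails code): a Rack-style middleware that enforces
# two header invariants on every response.
#   1. Permissions-Policy is present on all content types, not only HTML.
#   2. A response carrying Set-Cookie is never publicly cacheable:
#      Cache-Control is rewritten to "private" so a shared cache cannot
#      store the cookie alongside the body.
class HeaderInvariants
  PERMISSIONS_POLICY = "camera=(), microphone=(), geolocation=()" # assumed policy

  def initialize(app)
    @app = app
  end

  def call(env)
    status, headers, body = @app.call(env)
    headers = normalize(headers)
    headers["permissions-policy"] ||= PERMISSIONS_POLICY
    if headers.key?("set-cookie") && headers["cache-control"].to_s.match?(/\bpublic\b/i)
      headers["cache-control"] = "private"
    end
    [status, headers, body]
  end

  private

  # Rack 3 lower-cases header names; Rack 2 apps may not. Fold to lower
  # case so both checks see one spelling.
  def normalize(headers)
    headers.each_with_object({}) { |(k, v), h| h[k.to_s.downcase] = v }
  end
end

# Constructed sample app: a JSON blob response that, like the vulnerable
# Active Storage path, sets the session cookie while marking itself public.
BLOB_APP = lambda do |_env|
  [200,
   { "content-type"  => "application/json",
     "set-cookie"    => "_app_session=abc123; HttpOnly",
     "cache-control" => "public, max-age=3600" },
   ["{}"]]
end

def hardened_blob_response(env = {})
  HeaderInvariants.new(BLOB_APP).call(env)
end

_, hdrs, = hardened_blob_response
hdrs.each { |k, v| puts "#{k}: #{v}" }
```

Rewriting to `private` drops the original `max-age`; that is intentional here, since a response that sets a cookie should not be served from a shared cache at any age. The same middleware doubles as a regression check in a test suite: assert on the headers of a blob URL after every framework upgrade.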
CVE-2024-26143 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: >= 7.0.0, < 7.0.8.1; >= 7.1.0, < 7.1.3.1 | Published: 2024-02-27
Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptib…
Sources: cvelistv5, nvd
CVE-2022-23633 | MEDIUM | CVSS 5.9 | CWE-200 | Affected: >= 7.0.0.0, < 7.0.2.1; >= 6.1.0.0, < 6.1.4.5; +2 more | Published: 2022-02-11
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests. This has be…
Sources: cvelistv5, nvd
CVE-2010-3299 | MEDIUM | CVSS 6.5 | CWE-311 | Affected: 2.3 | Published: 2019-11-12
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
Sources: cvelistv5, nvd
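A padding oracle needs only one bit per query: whether the ciphertext the attacker submits decrypts to valid PKCS#7 padding. Any decrypt routine that lets a caller distinguish "bad padding" from other failures, by exception class, message, status code or timing, provides that bit, and that is what the entry above describes for Rails 2.3. The block below is an added example built on Ruby's bundled OpenSSL, not the Rails 2.3 encryptor: it constructs a key, IV and one-block secret, exposes a vulnerable oracle, recovers the block byte by byte through that oracle alone, and then shows the AEAD form in which every failure is the same error.

```ruby
require "openssl"

# Added example, not Rails 2.3's encryptor. KEY, IV and SECRET are
# constructed for this run; the attacker is assumed to see only IV,
# CIPHERTEXT and the padding_valid? oracle.
BLOCK = 16
KEY   = OpenSSL::Cipher.new("aes-128-cbc").random_key

def cbc_encrypt(plaintext, iv)
  c = OpenSSL::Cipher.new("aes-128-cbc").encrypt
  c.key = KEY
  c.iv  = iv
  c.update(plaintext) + c.final          # OpenSSL appends PKCS#7 padding
end

# Vulnerable oracle: true iff `ciphertext` decrypts under `iv` with valid
# PKCS#7 padding. Leaking this one bit per query is the whole weakness.
def padding_valid?(iv, ciphertext)
  c = OpenSSL::Cipher.new("aes-128-cbc").decrypt
  c.key = KEY
  c.iv  = iv
  c.update(ciphertext) + c.final
  true
rescue OpenSSL::Cipher::CipherError
  false
end

# Recovers the plaintext of one block `target` given `prev`, the block
# XORed into it on decryption (the IV for the first block). From the last
# byte backwards: find the forged prev-byte that makes the padding valid,
# which exposes the block cipher's raw output for that byte; XOR with the
# real prev byte to get the plaintext byte.
def attack_block(prev, target)
  intermediate = Array.new(BLOCK, 0)
  recovered    = Array.new(BLOCK, 0)
  (BLOCK - 1).downto(0) do |pos|
    pad    = BLOCK - pos
    forged = Array.new(BLOCK, 0)
    ((pos + 1)...BLOCK).each { |i| forged[i] = intermediate[i] ^ pad }
    found = (0..255).find do |guess|
      forged[pos] = guess
      next false unless padding_valid?(forged.pack("C*"), target)
      next true unless pos == BLOCK - 1
      # Last byte only: rule out the false positive where the block happens
      # to end in 0x02 0x02 by flipping the byte before it and re-asking.
      forged[pos - 1] ^= 0xFF
      ok = padding_valid?(forged.pack("C*"), target)
      forged[pos - 1] ^= 0xFF
      ok
    end
    raise "no valid padding found at byte #{pos}" unless found
    intermediate[pos] = found ^ pad
    recovered[pos]    = intermediate[pos] ^ prev.getbyte(pos)
  end
  recovered.pack("C*")
end

# Hardened form: an AEAD mode. Tampering fails authentication before any
# padding exists to examine, and every failure surfaces as one error.
def gcm_seal(plaintext)
  c = OpenSSL::Cipher.new("aes-128-gcm").encrypt
  c.key = KEY
  iv = c.random_iv
  c.auth_data = ""
  [iv, c.update(plaintext) + c.final, c.auth_tag]
end

def gcm_open(iv, ciphertext, tag)
  c = OpenSSL::Cipher.new("aes-128-gcm").decrypt
  c.key = KEY
  c.iv  = iv
  c.auth_tag  = tag
  c.auth_data = ""
  c.update(ciphertext) + c.final
rescue OpenSSL::Cipher::CipherError
  raise "decryption failed"              # one error for every cause
end

IV         = OpenSSL::Random.random_bytes(BLOCK)
SECRET     = "user_id=1337;adm"          # exactly one 16-byte block
CIPHERTEXT = cbc_encrypt(SECRET, IV)     # two blocks: data + padding block

# Attacker's view: IV and ciphertext only, plus the oracle.
def recover_secret
  attack_block(IV, CIPHERTEXT[0, BLOCK])
end

puts recover_secret
```

The attack costs at most 256 oracle calls per byte, so a 16-byte block falls in about 4,000 queries; for longer messages each block is attacked the same way with the preceding ciphertext block as `prev`. Encrypting with CBC plus an HMAC checked before decryption closes the oracle as well, but an AEAD mode removes the padding step entirely, which is why Rails' own MessageEncryptor has defaulted to aes-256-gcm since 5.2.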