Rubyonrails Rails vulnerabilities
139 known vulnerabilities affecting rubyonrails/rails.
Total CVEs: 139
CISA KEV: 3 (actively exploited)
Public exploits: 13
Exploited in wild: 4
Severity breakdown: CRITICAL 10, HIGH 39, MEDIUM 87, LOW 3
Vulnerabilities
Page 7 of 7
CVE-2013-1857 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2013-03-19
Affected: v0.9.1, v0.9.2, +98 more
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via
Sources: nvd, osv
CVE-2020-8166 | MEDIUM (P4) | CVSS 4.3 | CWE-352 | published 2020-07-02
Affected: fixed in 5.2.4.3; ≥ 6.0.0, < 6.0.3.1
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
Sources: nvd, osv
CVE-2009-4214 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2009-12-07
Affected: v2.3.2, v2.3.3, +40 more
Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb.
Sources: ghsa, nvd, osv
CVE-2009-3009 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2009-09-08
Affected: v2.0.0, v2.0.1, +10 more
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Sources: nvd, osv
CVE-2012-1099 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2012-03-13
Affected: v3.0.0, v3.0.1, +19 more
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain generation of OPTION elements within SELECT elements.
Sources: nvd, osv
CVE-2013-6416 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2013-12-07
Affected: ≤ 4.0.1; v4.0.0; +1 more
Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute.
Sources: nvd
CVE-2011-4319 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2011-11-28
Affected: v3.0.0, v3.0.1, +18 more
Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an "html" substring.
Sources: nvd
CVE-2014-3916 | MEDIUM (P4) | CVSS 5.0 | CWE-19 | published 2014-11-16
Affected: v1.9.3, v2.0.0, +1 more
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
Sources: nvd
CVE-2012-3464 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2012-08-10
Affected: v0.9.1, v0.9.2, +79 more
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.
Sources: nvd, osv
CVE-2011-2931 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2011-08-29
Affected: v2.0.0, v2.0.1, +27 more
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a tag with an invalid name.
Sources: nvd, osv
CVE-2011-2932 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2011-08-29
Affected: v2.0.0, v2.0.1, +27 more
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a "UTF-8 escaping vulnerability."
Sources: nvd, osv
CVE-2012-1098 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2012-03-13
Affected: v3.0.0, v3.0.1, +19 more
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods.
Sources: nvd, osv
CVE-2012-3465 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2012-08-10
Affected: v0.9.1, v0.9.2, +79 more
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
Sources: nvd, osv
CVE-2011-2197 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2011-06-30
Affected: v2.0.0, v2.0.1, +24 more
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a problematic string method, as demonstrated by the sub
Sources: nvd
CVE-2011-0446 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2011-02-14
Affected: v2.0.0, v2.0.1, +18 more
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.
Sources: nvd, osv
CVE-2012-3463 | MEDIUM (P4) | CVSS 4.3 | CWE-79 | published 2012-08-10
Affected: v3.0.0, v3.0.1, +30 more
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.
Sources: nvd
CVE-2023-28362 | MEDIUM (P4) | CVSS 4.0 | published 2025-01-09
Affected: ≥ 0, < 2:6.0.3.7+dfsg-2+deb11u3; ≥ 0, < 2:6.1.7.10+dfsg-1~deb12u1; +1 more
The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.
Sources: osv
CVE-2025-55193 | LOW (P4) | CVSS 2.7 | published 2025-08-13
Affected: ≥ 0, < 2:6.0.3.7+dfsg-2+deb11u4; ≥ 0, < 2:6.1.7.10+dfsg-1~deb12u2; +2 more
Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.
Sources: osv
CVE-2024-54133 | LOW (P4) | CVSS 2.3 | published 2024-12-10
Affected: ≥ 0, < 2:6.0.3.7+dfsg-2+deb11u3; ≥ 0, < 2:6.1.7.10+dfsg-1~deb12u1; +1 more
Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the `content_security_policy` helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set Content-Security-Policy (CSP) headers dynamically from untrusted user input may be vulnerable
Sources: osv