Ruby on Rails (rubyonrails/ruby_on_rails) vulnerabilities
49 known vulnerabilities affecting rubyonrails/ruby_on_rails.
Total CVEs: 49
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 12, MEDIUM 34, LOW 1
Vulnerabilities
Page 3 of 3
CVE-2011-2929 | MEDIUM | CVSS 5.0 | CWE-20 | affected: v3.0.4 | published 2011-08-29
The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which allows remote attackers to render arbitrary views via a crafted URL, related to a "filter skipping vulnerability."
Source: nvd
CVE-2011-2932 | MEDIUM | CVSS 4.3 | CWE-79 | affected: v3.0.4 | published 2011-08-29
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a "UTF-8 escaping vulnerability."
Source: nvd
CVE-2011-2931 | MEDIUM | CVSS 4.3 | CWE-79 | affected: v3.0.4 | published 2011-08-29
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a tag with an invalid name.
Source: nvd
CVE-2011-2197 | MEDIUM | CVSS 4.3 | CWE-79 | affected: v3.0.4 | published 2011-06-30
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a problematic string method, as demonstrated by the sub
Source: nvd
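The mechanism behind CVE-2011-2197 is easier to see in code than in the NVD sentence. The following is an added example written for this page, not Rails code and not ActiveSupport::SafeBuffer: a toy String subclass that carries an "html_safe" flag, a template that substitutes user input into an already-flagged buffer with an in-place String method, and a hardened variant that refuses such mutation. The escape helper, class names, PAYLOAD input and template markup are all constructed for the illustration.

```ruby
# Added example, not Rails code: a toy model of an "html_safe" string buffer
# showing why in-place mutation with untrusted data defeats auto-escaping.

# Escapes the five characters that matter in HTML text and attribute context.
def escape_html(str)
  str.to_s.gsub(/[&<>"']/, '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                           '"' => '&quot;', "'" => '&#39;')
end

# Output stage: buffers flagged safe are emitted verbatim, everything else is escaped.
def emit(buf)
  buf.respond_to?(:html_safe?) && buf.html_safe? ? buf.to_s : escape_html(buf)
end

# Vulnerable model: a String subclass whose only job is to carry the "safe" flag.
# Every mutating String method it inherits (sub!, gsub!, <<, insert, ...)
# changes the contents but leaves the flag in place.
class VulnerableSafeBuffer < String
  def html_safe?
    true
  end
end

# Hardened model: mutators that could splice untrusted text into the buffer are
# disabled, so the safe flag can only be attached to fully escaped content.
class FixedSafeBuffer < String
  class MutationError < StandardError; end

  %i[sub! gsub! insert replace prepend tr! <<].each do |name|
    define_method(name) do |*_args, &_blk|
      raise MutationError, "#{name} would mutate an html_safe buffer"
    end
  end

  def html_safe?
    true
  end
end

XSS_PAYLOAD = "<script>alert(1)</script>".freeze # constructed attacker input

# Template marks its literal markup safe, then substitutes user input into it
# in place. The object is still a VulnerableSafeBuffer, so emit() trusts it.
def render_vulnerable(user_input)
  buf = VulnerableSafeBuffer.new("<p>Hello, USER</p>")
  buf.sub!("USER", user_input)
  emit(buf)
end

# Same template against the hardened buffer: the mutation is refused.
def mutation_blocked?(user_input)
  buf = FixedSafeBuffer.new("<p>Hello, USER</p>")
  buf.sub!("USER", user_input)
  false
rescue FixedSafeBuffer::MutationError
  true
end

# Correct construction: escape first, then flag the finished string as safe.
def render_fixed(user_input)
  emit(FixedSafeBuffer.new("<p>Hello, #{escape_html(user_input)}</p>"))
end

if __FILE__ == $0
  puts render_vulnerable(XSS_PAYLOAD) # <p>Hello, <script>alert(1)</script></p>
  puts mutation_blocked?(XSS_PAYLOAD) # true
  puts render_fixed(XSS_PAYLOAD)      # <p>Hello, &lt;script&gt;alert(1)&lt;/script&gt;</p>
end
```

The point to take away when auditing templates or helpers: the safe flag is attached to an object, and any method that rewrites that object's bytes without re-checking what went in silently extends the flag to attacker data. Escaping before the string is marked safe, and refusing mutation afterwards, closes both ends.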
CVE-2009-4214 | MEDIUM | CVSS 4.3 | CWE-79 | affected: ≤ 2.1.2, v0.5.0, +9 more | published 2009-12-07
Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb.
Source: nvd
CVE-2009-2422 | CRITICAL | CVSS 9.8 | CWE-287 | fixed in 2.3.3 | published 2009-07-10
The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication for applications that are derived from this exa
Source: nvd
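Why a nil return from the password lookup block is an authentication bypass, shown as an added example. This is not the Rails http_authentication.rb code; it is a self-contained RFC 2617 digest computation (qop=auth) with a hypothetical validator in two forms: one that hashes whatever the lookup block returned, and one that rejects a nil or false return before hashing. USERS, REALM, the nonce and cnonce values, and the usernames are constructed for the illustration.

```ruby
require 'digest/md5'

# Constructed credential store and realm for the example (not Rails code).
USERS = { "alice" => "s3cret" }.freeze
REALM = "Application"

# RFC 2617 response with qop=auth, as both client and server compute it.
def digest_response(username, password, nonce, method, uri, nc, cnonce)
  ha1 = Digest::MD5.hexdigest("#{username}:#{REALM}:#{password}")
  ha2 = Digest::MD5.hexdigest("#{method}:#{uri}")
  Digest::MD5.hexdigest("#{ha1}:#{nonce}:#{nc}:#{cnonce}:auth:#{ha2}")
end

# Client side of the exchange: the Authorization header fields a client would
# send for the given username and password (nonce/cnonce are fixed here).
def client_credentials(username, password, nonce: "dcd98b7102dd2f0e", method: "GET", uri: "/admin")
  nc, cnonce = "00000001", "0a4f113b"
  {
    username: username, nonce: nonce, method: method, uri: uri, nc: nc, cnonce: cnonce,
    response: digest_response(username, password, nonce, method, uri, nc, cnonce)
  }
end

# Vulnerable server-side check: whatever the lookup block returns is hashed as
# the password. A nil return (user not found) interpolates as "", so the expected
# response is exactly what a client computes for an EMPTY password.
def validate_vulnerable(creds, &lookup)
  password = lookup.call(creds[:username])
  creds[:response] == digest_response(creds[:username], password, creds[:nonce],
                                      creds[:method], creds[:uri], creds[:nc], creds[:cnonce])
end

# Hardened check: nil or false from the lookup means "no such user" and is
# rejected before any hashing happens.
def validate_fixed(creds, &lookup)
  password = lookup.call(creds[:username])
  return false unless password
  creds[:response] == digest_response(creds[:username], password, creds[:nonce],
                                      creds[:method], creds[:uri], creds[:nc], creds[:cnonce])
end

# The lookup pattern the advisory describes: a plain hash lookup that returns
# nil for unknown usernames instead of an explicit false.
LOOKUP = ->(username) { USERS[username] }

# Attacker: a username that does not exist plus an empty password.
def attacker_creds
  client_credentials("mallory", "")
end

def legit_creds
  client_credentials("alice", "s3cret")
end

if __FILE__ == $0
  puts "vulnerable accepts ghost user: #{validate_vulnerable(attacker_creds, &LOOKUP)}" # true
  puts "fixed accepts ghost user:      #{validate_fixed(attacker_creds, &LOOKUP)}"      # false
  puts "fixed accepts alice:           #{validate_fixed(legit_creds, &LOOKUP)}"         # true
end
```

Two independent fixes are visible here, and a reviewer should look for both: the application's lookup block should return an explicit false for unknown users (the documentation change the CVE describes), and the framework-side validator should treat a falsy return as a failed authentication rather than as a password, so an application that still has the old block is not exposed.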
CVE-2008-5189 | MEDIUM | CVSS 5.0 | CWE-352 | affected: ≤ 2.0.4, v0.5.0, +9 more | published 2008-11-21
CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
Source: nvd
CVE-2008-4094 | HIGH | CVSS 7.5 | CWE-89 | affected: ≤ 2.1.0, v0.5.0, +9 more | published 2008-09-30
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer.
Source: nvd
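:limit and :offset are easy to overlook as injection points because they are "just numbers", but a query builder that interpolates them is as exposed as one that interpolates a WHERE value. The following added example is not ActiveRecord code: it is a minimal hypothetical clause builder in two forms, the interpolating one and one gated by a sanitize_limit helper that accepts only a non-negative integer (Integer or digit string). The SQL, the table names and the SQL_PAYLOAD value are constructed for the illustration.

```ruby
# Added example, not ActiveRecord code: how LIMIT/OFFSET values copied from
# request parameters become an injection point, and one way to gate them.

class InvalidLimit < ArgumentError; end

# Vulnerable builder: whatever the caller passed as :limit / :offset is
# interpolated verbatim into the SQL string.
def add_limit_offset_vulnerable(sql, options)
  out = sql.dup
  out << " LIMIT #{options[:limit]}" if options[:limit]
  out << " OFFSET #{options[:offset]}" if options[:offset]
  out
end

# Accept only a non-negative integer, given as an Integer or as a string of
# digits. Anything else (negatives, surrounding whitespace, "1; DROP TABLE",
# "1 UNION SELECT ...") is rejected before it reaches the query text.
def sanitize_limit(value, name = "limit")
  case value
  when Integer
    raise InvalidLimit, "#{name} must be non-negative" if value.negative?
    value
  when /\A\d+\z/
    value.to_i
  else
    raise InvalidLimit, "#{name} must be a non-negative integer, got #{value.inspect}"
  end
end

# Hardened builder: every value is coerced through sanitize_limit, so only an
# integer literal can ever be appended.
def add_limit_offset_fixed(sql, options)
  out = sql.dup
  out << " LIMIT #{sanitize_limit(options[:limit], 'limit')}" if options[:limit]
  out << " OFFSET #{sanitize_limit(options[:offset], 'offset')}" if options[:offset]
  out
end

# Demonstration helper: true when the hardened builder refuses the options.
def rejected?(options)
  add_limit_offset_fixed("SELECT * FROM posts", options)
  false
rescue InvalidLimit
  true
end

# Constructed attacker input, e.g. from ?limit=... on a listing endpoint.
SQL_PAYLOAD = "1 UNION SELECT username, password FROM users --".freeze

if __FILE__ == $0
  puts add_limit_offset_vulnerable("SELECT * FROM posts", limit: SQL_PAYLOAD)
  # SELECT * FROM posts LIMIT 1 UNION SELECT username, password FROM users --
  puts add_limit_offset_fixed("SELECT * FROM posts", limit: "10", offset: 20)
  # SELECT * FROM posts LIMIT 10 OFFSET 20
  puts rejected?(limit: SQL_PAYLOAD) # true
end
```

The check deliberately rejects rather than coerces: `"1 UNION ...".to_i` would quietly turn the payload into 1 and hide the probe from logs, whereas raising on malformed input both stops the query and leaves a signal that someone is tampering with pagination parameters.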
CVE-2006-4111 | HIGH | CVSS 7.5 | CWE-94 | affected: ≤ 1.1.4, v0.5.0, +9 more | published 2006-08-14
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
Source: nvd