# Vulnerabilities

*For some transitive vulnerabilities, there is no version of the direct dependency with a fix. Check the "Details" section below to see if there is a version of the transitive dependency where the vulnerability is fixed.

**In some cases, a Remediation PR cannot be created automatically for a vulnerability despite the availability of a remediation.

Partial details (21 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

Library descriptions:

- rails: Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
- activerecord: Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
- actionpack: Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
- activesupport: A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
- rack: Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call. Also see http://rack.rubyforge.org.
- i18n: New wave Internationalization support for Ruby.

Vulnerability summaries (vulnerable library, then the advisory description):

- activerecord (CVE-2022-32224): A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
- activerecord (CVE-2023-22794): A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database with insufficient sanitization and be able to inject SQL outside of the comment.
- rack (CVE-2020-8161): A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal in the Rack::Directory app that is bundled with Rack, which could result in information disclosure.
- activesupport (CVE-2023-22796): A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.
- actionpack (CVE-2023-22795): A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.
- actionpack (CVE-2023-22792): A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1, <6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header, can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.
- activerecord (CVE-2022-44566): A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64-bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
- rack (CVE-2020-8184): A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it possible for an attacker to forge a secure or host-only cookie prefix.
- rails (CVE-2016-0752): Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. :rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
- actionpack, rails (CVE-2016-0751): actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
- i18n (CVE-2014-10077): Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.
- actionpack (CVE-2014-0130): Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
- rails (CVE-2016-2098): Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method. :rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
- activerecord (CVE-2014-3482): SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting.
- activesupport: lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
- activesupport: active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
- activerecord: SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.
- activerecord: The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
- mail: The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
- rails: actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155.
# Vulnerable Library - rails-3.0.7.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

- Library home page: https://rubygems.org/gems/rails-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rails-3.0.7.gem
- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
# Details
## CVE-2022-32224

### Vulnerable Library - activerecord-3.0.7.gem

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

- Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.

- Publish Date: 2022-12-05
- URL: CVE-2022-32224

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
- Release Date: 2022-12-05
- Fix Resolution: activerecord - 5.2.8.1,6.0.5.1,6.1.6.1,7.0.3.1
## CVE-2023-22794

### Vulnerable Library - activerecord-3.0.7.gem

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

- Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database with insufficient sanitization and be able to inject SQL outside of the comment.

- Publish Date: 2023-02-09
- URL: CVE-2023-22794

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://github.com/advisories/GHSA-hq7p-j377-6v63
- Release Date: 2023-02-09
- Fix Resolution: activerecord - 6.0.6.1,6.1.7.1,7.0.4.1
## CVE-2020-8161

### Vulnerable Library - rack-1.2.3.gem

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call. Also see http://rack.rubyforge.org.

- Library home page: https://rubygems.org/gems/rack-1.2.3.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rack-1.2.3.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - actionpack-3.0.7.gem
    - :x: **rack-1.2.3.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal in the Rack::Directory app that is bundled with Rack, which could result in information disclosure.

- Publish Date: 2020-07-02
- URL: CVE-2020-8161

### CVSS 3 Score Details (8.6)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Changed
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None

### Suggested Fix

- Type: Upgrade version
- Release Date: 2020-07-02
- Fix Resolution: 2.2.0,2.1.3
## CVE-2023-22796

### Vulnerable Library - activesupport-3.0.7.gem

A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.

- Library home page: https://rubygems.org/gems/activesupport-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activesupport-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activesupport-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.

- Publish Date: 2023-02-09
- URL: CVE-2023-22796

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://github.com/advisories/GHSA-j6gc-792m-qgm2
- Release Date: 2023-02-09
- Fix Resolution: activesupport - 6.1.7.1,7.0.4.1
## CVE-2023-22795

### Vulnerable Library - actionpack-3.0.7.gem

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

- Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.

- Publish Date: 2023-02-09
- URL: CVE-2023-22795

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Release Date: 2023-02-09
- Fix Resolution: actionpack - 6.1.7.1, 7.0.4.1
## CVE-2023-22792

### Vulnerable Library - actionpack-3.0.7.gem

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

- Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1, <6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header, can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.

- Publish Date: 2023-02-09
- URL: CVE-2023-22792

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Release Date: 2023-02-09
- Fix Resolution: actionpack - 6.1.7.1,7.0.4.1
## CVE-2022-44566

### Vulnerable Library - activerecord-3.0.7.gem

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

- Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64-bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.

- Publish Date: 2023-02-09
- URL: CVE-2022-44566

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://github.com/advisories/GHSA-579w-22j4-4749
- Release Date: 2023-02-09
- Fix Resolution: activerecord - 6.1.7.1,7.0.4.1
## CVE-2020-8184

### Vulnerable Library - rack-1.2.3.gem

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call. Also see http://rack.rubyforge.org.

- Library home page: https://rubygems.org/gems/rack-1.2.3.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rack-1.2.3.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - actionpack-3.0.7.gem
    - :x: **rack-1.2.3.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it possible for an attacker to forge a secure or host-only cookie prefix.

- Publish Date: 2020-06-19
- URL: CVE-2020-8184

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

- Type: Upgrade version
- Origin: https://groups.google.com/forum/#!topic/rubyonrails-security/OWtmozPH9Ak
- Release Date: 2020-06-19
- Fix Resolution: rack - 2.1.4, 2.2.3
## CVE-2016-0752

### Vulnerable Library - rails-3.0.7.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

- Library home page: https://rubygems.org/gems/rails-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rails-3.0.7.gem

Dependency Hierarchy:
- :x: **rails-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

- Publish Date: 2016-02-16
- URL: CVE-2016-0752

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None

### Suggested Fix

- Type: Upgrade version
- Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-0752
- Release Date: 2016-02-16
- Fix Resolution: 3.2.22.1,4.1.14.1,4.2.5.1,5.0.0.beta1.1

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

## CVE-2016-0751
### Vulnerable Libraries - actionpack-3.0.7.gem, rails-3.0.7.gem

### actionpack-3.0.7.gem

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

- Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)

### rails-3.0.7.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

- Library home page: https://rubygems.org/gems/rails-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rails-3.0.7.gem

Dependency Hierarchy:
- :x: **rails-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.

- Publish Date: 2016-02-16
- URL: CVE-2016-0751

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-0751
- Release Date: 2016-02-16
- Fix Resolution: 3.2.22.1,4.1.14.1,4.2.5.1,5.0.0.beta1.1

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

## CVE-2014-10077
### Vulnerable Library - i18n-0.5.0.gem

New wave Internationalization support for Ruby.

- Library home page: https://rubygems.org/gems/i18n-0.5.0.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/i18n-0.5.0.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - actionpack-3.0.7.gem
    - :x: **i18n-0.5.0.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

- Publish Date: 2018-11-06
- URL: CVE-2014-10077

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

- Type: Upgrade version
- Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-10077
- Release Date: 2018-11-06
- Fix Resolution: 0.8.0
## CVE-2014-0130

### Vulnerable Library - actionpack-3.0.7.gem

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

- Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
- Path to dependency file: /Gemfile.lock
- Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem

Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)

- Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
- Found in base branch: main

### Vulnerability Details

Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.

- Publish Date: 2014-05-07
- URL: CVE-2014-0130

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None

### Suggested Fix

- Type: Upgrade version
- Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-0130
- Release Date: 2014-05-07
- Fix Resolution: 3.2.18,4.0.5,4.1.1
CVE-2016-2098
### Vulnerable Libraries - rails-3.0.7.gem, actionpack-3.0.7.gem### rails-3.0.7.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rails-3.0.7.gem
Dependency Hierarchy: - :x: **rails-3.0.7.gem** (Vulnerable Library) ### actionpack-3.0.7.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Publish Date: 2016-04-07
URL: CVE-2016-2098
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2098
Release Date: 2016-04-07
Fix Resolution: 3.2.22.2,4.1.14.2,4.2.5.2
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2014-3482
### Vulnerable Library - activerecord-3.0.7.gem
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting.
Publish Date: 2014-07-07
URL: CVE-2014-3482
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-3482
Release Date: 2014-07-07
Fix Resolution: 3.2.19
CVE-2013-0333
### Vulnerable Library - activesupport-3.0.7.gem
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
Library home page: https://rubygems.org/gems/activesupport-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activesupport-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activesupport-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
Publish Date: 2013-01-30
URL: CVE-2013-0333
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-0333
Release Date: 2013-01-30
Fix Resolution: 2.3.16,3.0.20
CVE-2013-0156
### Vulnerable Library - activesupport-3.0.7.gem
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
Library home page: https://rubygems.org/gems/activesupport-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activesupport-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activesupport-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
Publish Date: 2013-01-13
URL: CVE-2013-0156
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-0156
Release Date: 2013-01-13
Fix Resolution: 2.3.15,3.0.19,3.1.10,3.2.11
CVE-2012-6496
### Vulnerable Library - activerecord-3.0.7.gem
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.
Publish Date: 2013-01-04
URL: CVE-2012-6496
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6496
Release Date: 2013-01-04
Fix Resolution: 3.0.18,3.1.9,3.2.10
CVE-2012-2695
### Vulnerable Library - activerecord-3.0.7.gem
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/activerecord-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **activerecord-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
Publish Date: 2012-06-22
URL: CVE-2012-2695
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-2695
Release Date: 2012-06-22
Fix Resolution: 3.0.14,3.1.6,3.2.6
CVE-2012-2140
### Vulnerable Library - mail-2.2.19.gem
A really Ruby Mail handler.
Library home page: https://rubygems.org/gems/mail-2.2.19.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/mail-2.2.19.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - actionmailer-3.0.7.gem
    - :x: **mail-2.2.19.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Publish Date: 2012-07-18
URL: CVE-2012-2140
### CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-2140
Release Date: 2012-07-18
Fix Resolution: 2.4.3
CVE-2020-8167
### Vulnerable Library - rails-3.0.7.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rails-3.0.7.gem
Dependency Hierarchy:
- :x: **rails-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
A CSRF vulnerability exists in the rails-ujs module of rails <= 6.0.3 that could allow attackers to cause CSRF tokens to be sent to the wrong domains.
Publish Date: 2020-06-19
URL: CVE-2020-8167
### CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://rubygems.org/gems/rails/versions/6.0.3.1
Release Date: 2020-06-19
Fix Resolution: 6.0.3.1,5.2.4.3
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2013-6417
### Vulnerable Library - actionpack-3.0.7.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-3.0.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/actionpack-3.0.7.gem
Dependency Hierarchy:
- rails-3.0.7.gem (Root Library)
  - :x: **actionpack-3.0.7.gem** (Vulnerable Library)
Found in HEAD commit: 4963c36f92723b7bbc7452c962577daa3cd2c98e
Found in base branch: main
### Vulnerability Details
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155.
Publish Date: 2013-12-07
URL: CVE-2013-6417
### CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: None

For more information on CVSS3 Scores, click here.
### Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-6417
Release Date: 2013-12-07
Fix Resolution: 3.2.16,4.0.2
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.