Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.
A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2020-8167
### Vulnerable Library - rails-5.0.7.2.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2010-3299
### Vulnerable Library - rails-5.0.7.2.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2023-28120
### Vulnerable Library - rails-5.0.7.2.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
A Possible XSS Security Vulnerability was discovered in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. All versions before 6.1.7.3 and 7.x before 7.0.4.3 are affected.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2024-47889
### Vulnerable Library - actionmailer-5.0.7.2.gem
Email on Rails. Compose, deliver, receive, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /em/ruby/2.7.0/cache/rails-5.0.7.2.gem
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Vulnerabilities
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2022-32224
### Vulnerable Library - activerecord-5.0.7.2.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.7.2.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - :x: **activerecord-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Publish Date: 2022-12-05
URL: CVE-2022-32224
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (9.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
Release Date: 2022-12-05
Fix Resolution: activerecord - 5.2.8.1,6.0.5.1,6.1.6.1,7.0.3.1
CVE-2023-22794
### Vulnerable Library - activerecord-5.0.7.2.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.7.2.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - :x: **activerecord-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.
Publish Date: 2023-02-09
URL: CVE-2023-22794
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.2%
### CVSS 3 Score Details (8.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-hq7p-j377-6v63
Release Date: 2023-02-09
Fix Resolution: activerecord - 6.0.6.1,6.1.7.1,7.0.4.1
CVE-2023-22799
### Vulnerable Library - globalid-1.0.0.gemURIs for your models makes it easy to pass references around.
Library home page: https://rubygems.org/gems/globalid-1.0.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/globalid-1.0.0.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - actionmailer-5.0.7.2.gem - activejob-5.0.7.2.gem - :x: **globalid-1.0.0.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.
Publish Date: 2023-02-09
URL: CVE-2023-22799
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-23c2-gwp5-pxw9
Release Date: 2023-02-09
Fix Resolution: globalid - 1.0.1
CVE-2022-44566
### Vulnerable Library - activerecord-5.0.7.2.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.7.2.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - :x: **activerecord-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
Publish Date: 2023-02-09
URL: CVE-2022-44566
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-579w-22j4-4749
Release Date: 2023-02-09
Fix Resolution: activerecord - 6.1.7.1,7.0.4.1
CVE-2021-22880
### Vulnerable Libraries - rails-5.0.7.2.gem, activerecord-5.0.7.2.gem### rails-5.0.7.2.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /em/ruby/2.7.0/cache/rails-5.0.7.2.gem
Dependency Hierarchy: - :x: **rails-5.0.7.2.gem** (Vulnerable Library) ### activerecord-5.0.7.2.gem
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.7.2.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - :x: **activerecord-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsThe PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
Publish Date: 2021-02-11
URL: CVE-2021-22880
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.6%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2021-22880-possible-dos-vulnerability-in-active-record-postgresql-adapter/77129
Release Date: 2021-02-11
Fix Resolution: 5.2.4.5,6.0.3.5,6.1.2.1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2020-8167
### Vulnerable Library - rails-5.0.7.2.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /em/ruby/2.7.0/cache/rails-5.0.7.2.gem
Dependency Hierarchy: - :x: **rails-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
Publish Date: 2020-06-19
URL: CVE-2020-8167
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.2%
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://rubygems.org/gems/rails/versions/6.0.3.1
Release Date: 2020-06-19
Fix Resolution: 6.0.3.1,5.2.4.3
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2010-3299
### Vulnerable Library - rails-5.0.7.2.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /em/ruby/2.7.0/cache/rails-5.0.7.2.gem
Dependency Hierarchy: - :x: **rails-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsThe encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
Publish Date: 2019-11-12
URL: CVE-2010-3299
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.5%
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3299
Release Date: 2019-11-12
Fix Resolution: rails - 5.2.0.beta1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2023-28120
### Vulnerable Library - rails-5.0.7.2.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /em/ruby/2.7.0/cache/rails-5.0.7.2.gem
Dependency Hierarchy: - :x: **rails-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsA Possible XSS Security Vulnerability was discovered in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. All versions before 6.1.7.3 and 7.x before 7.0.4.3 are affected.
Publish Date: 2024-10-13
URL: CVE-2023-28120
### Threat AssessmentExploit Maturity: Not Defined
EPSS:
### CVSS 3 Score Details (6.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469
Release Date: 2024-10-13
Fix Resolution: rails - 6.1.7.3,7.0.4.3
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2024-47889
### Vulnerable Library - actionmailer-5.0.7.2.gemEmail on Rails. Compose, deliver, receive, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.
Library home page: https://rubygems.org/gems/actionmailer-5.0.7.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionmailer-5.0.7.2.gem
Dependency Hierarchy: - rails-5.0.7.2.gem (Root Library) - :x: **actionmailer-5.0.7.2.gem** (Vulnerable Library)
Found in HEAD commit: ab21a9f862ff3da3db0787ca394d129f490c3cfe
Found in base branch: main
### Vulnerability DetailsAction Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.
Publish Date: 2024-10-16
URL: CVE-2024-47889
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.0%
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
Release Date: 2024-10-16
Fix Resolution: actionmailer - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
:rescue_worker_helmet:Automatic Remediation will be attempted for this issue.