Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.
A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2019-5418
### Vulnerable Library - rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2018-16476
### Vulnerable Library - rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2020-8167
### Vulnerable Library - rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2010-3299
### Vulnerable Library - rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2023-28120
### Vulnerable Library - rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
A Possible XSS Security Vulnerability was discovered in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. All versions before 6.1.7.3 and 7.x before 7.0.4.3 are affected.
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2024-47889
### Vulnerable Library - actionmailer-5.0.1.gem
Email on Rails. Compose, deliver, receive, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Vulnerabilities
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2022-32224
### Vulnerable Library - activerecord-5.0.1.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **activerecord-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Publish Date: 2022-12-05
URL: CVE-2022-32224
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (9.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
Release Date: 2022-12-05
Fix Resolution: activerecord - 5.2.8.1,6.0.5.1,6.1.6.1,7.0.3.1
CVE-2023-22794
### Vulnerable Library - activerecord-5.0.1.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **activerecord-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.
Publish Date: 2023-02-09
URL: CVE-2023-22794
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.2%
### CVSS 3 Score Details (8.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-hq7p-j377-6v63
Release Date: 2023-02-09
Fix Resolution: activerecord - 6.0.6.1,6.1.7.1,7.0.4.1
CVE-2023-22799
### Vulnerable Library - globalid-0.3.7.gemURIs for your models makes it easy to pass references around.
Library home page: https://rubygems.org/gems/globalid-0.3.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/globalid-0.3.7.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - actionmailer-5.0.1.gem - activejob-5.0.1.gem - :x: **globalid-0.3.7.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.
Publish Date: 2023-02-09
URL: CVE-2023-22799
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-23c2-gwp5-pxw9
Release Date: 2023-02-09
Fix Resolution: globalid - 1.0.1
CVE-2022-44566
### Vulnerable Library - activerecord-5.0.1.gemDatabases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **activerecord-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
Publish Date: 2023-02-09
URL: CVE-2022-44566
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.1%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-579w-22j4-4749
Release Date: 2023-02-09
Fix Resolution: activerecord - 6.1.7.1,7.0.4.1
CVE-2021-22880
### Vulnerable Libraries - activerecord-5.0.1.gem, rails-5.0.1.gem### activerecord-5.0.1.gem
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **activerecord-5.0.1.gem** (Vulnerable Library) ### rails-5.0.1.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsThe PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
Publish Date: 2021-02-11
URL: CVE-2021-22880
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.6%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2021-22880-possible-dos-vulnerability-in-active-record-postgresql-adapter/77129
Release Date: 2021-02-11
Fix Resolution: 5.2.4.5,6.0.3.5,6.1.2.1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2020-7663
### Vulnerable Library - websocket-extensions-0.1.2.gemLibrary home page: https://rubygems.org/gems/websocket-extensions-0.1.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/websocket-extensions-0.1.2.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - actioncable-5.0.1.gem - websocket-driver-0.6.4.gem - :x: **websocket-extensions-0.1.2.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability Detailswebsocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
Publish Date: 2020-06-02
URL: CVE-2020-7663
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 1.6%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663
Release Date: 2020-09-17
Fix Resolution: websocket-extensions:0.1.5
CVE-2019-5419
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsThere is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
Publish Date: 2019-03-27
URL: CVE-2019-5419
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.3%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
Release Date: 2019-03-27
Fix Resolution: 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2019-5418
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsThere is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
Publish Date: 2019-03-27
URL: CVE-2019-5418
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 97.399994%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
Release Date: 2019-03-27
Fix Resolution: 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2018-16476
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.
Publish Date: 2018-11-30
URL: CVE-2018-16476
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.2%
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/
Release Date: 2018-11-30
Fix Resolution: 5.2.2
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2020-8167
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
Publish Date: 2020-06-19
URL: CVE-2020-8167
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.2%
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://rubygems.org/gems/rails/versions/6.0.3.1
Release Date: 2020-06-19
Fix Resolution: 6.0.3.1,5.2.4.3
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2010-3299
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsThe encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
Publish Date: 2019-11-12
URL: CVE-2010-3299
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.5%
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3299
Release Date: 2019-11-12
Fix Resolution: rails - 5.2.0.beta1
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2023-28120
### Vulnerable Library - rails-5.0.1.gemRuby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /he/rails-5.0.1.gem
Dependency Hierarchy: - :x: **rails-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsA Possible XSS Security Vulnerability was discovered in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. All versions before 6.1.7.3 and 7.x before 7.0.4.3 are affected.
Publish Date: 2024-10-13
URL: CVE-2023-28120
### Threat AssessmentExploit Maturity: Not Defined
EPSS:
### CVSS 3 Score Details (6.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469
Release Date: 2024-10-13
Fix Resolution: rails - 6.1.7.3,7.0.4.3
:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.
CVE-2024-47889
### Vulnerable Library - actionmailer-5.0.1.gemEmail on Rails. Compose, deliver, receive, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.
Library home page: https://rubygems.org/gems/actionmailer-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionmailer-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **actionmailer-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsAction Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.
Publish Date: 2024-10-16
URL: CVE-2024-47889
### Threat AssessmentExploit Maturity: Not Defined
EPSS: 0.0%
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
Release Date: 2024-10-16
Fix Resolution: actionmailer - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
WS-2017-0252
### Vulnerable Library - actioncable-5.0.1.gemStructure many real-time application concerns into channels over a single WebSocket connection.
Library home page: https://rubygems.org/gems/actioncable-5.0.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actioncable-5.0.1.gem
Dependency Hierarchy: - rails-5.0.1.gem (Root Library) - :x: **actioncable-5.0.1.gem** (Vulnerable Library)
Found in HEAD commit: 4f74f4cb61ae8aaa9de0e2a123d587b45caa7bdb
Found in base branch: main
### Vulnerability DetailsAffected versions of the package (greater than 5.1.1.beta) are vulnerable to Information Exposure.
Publish Date: 2016-05-20
URL: WS-2017-0252
### Threat AssessmentExploit Maturity: Not Defined
EPSS:
### CVSS 3 Score Details (3.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/WS-2017-0252
Release Date: 2016-05-20
Fix Resolution: actioncable - 5.0.4,5.1.2
:rescue_worker_helmet:Automatic Remediation will be attempted for this issue.