Search for packages
| purl | pkg:deb/debian/rails@2:5.2.2%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5x54-hckg-x7b8 | Exposure of Sensitive Information to an Unauthorized Actor A bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed |
CVE-2018-16477
GHSA-7rr7-rcjw-56vj |
| VCID-6yr6-a21g-dyf5 | Deserialization of Untrusted Data A Broken Access Control vulnerability in Active Job |
CVE-2018-16476
GHSA-q2qw-rmrh-vv42 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:54:40.534439+00:00 | Debian Importer | Fixing | VCID-6yr6-a21g-dyf5 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:10:11.155579+00:00 | Debian Importer | Fixing | VCID-5x54-hckg-x7b8 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T07:11:37.606767+00:00 | Debian Importer | Fixing | VCID-5x54-hckg-x7b8 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:37:55.702148+00:00 | Debian Importer | Fixing | VCID-6yr6-a21g-dyf5 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:51:47.347154+00:00 | Debian Importer | Fixing | VCID-5x54-hckg-x7b8 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:51:47.290320+00:00 | Debian Importer | Fixing | VCID-6yr6-a21g-dyf5 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |