VulnerableCode Package Details - pkg:ebuild/dev-ruby/rails@1.1.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:ebuild/dev-ruby/rails@1.1.6

Essentials
History (2)

purl	pkg:ebuild/dev-ruby/rails@1.1.6

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-2mcx-b9k2-83bh	Ruby on Rails vulnerable to code injection Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.	CVE-2006-4111 GHSA-rvpq-5xqx-pfpp
VCID-877d-u9ag-qqdr	Rails Denial of Service vulnerability Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.	CVE-2006-4112 GHSA-9wrq-xvmp-xjc8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:10:07.107547+00:00	Gentoo Importer	Fixing	VCID-877d-u9ag-qqdr	https://security.gentoo.org/glsa/200608-20	38.0.0
2026-04-01T13:10:07.098972+00:00	Gentoo Importer	Fixing	VCID-2mcx-b9k2-83bh	https://security.gentoo.org/glsa/200608-20	38.0.0