Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/actionpack@6.1.2.0
purl pkg:gem/actionpack@6.1.2.0
Tags Ghost
Next non-vulnerable version 7.0.8.7
Latest non-vulnerable version 8.1.2.1
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-12x8-jxdf-jqdz
Aliases:
CVE-2021-22881
GHSA-8877-prq4-9xfw
Actionpack Open Redirect Vulnerability The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
6.1.2.1
Affected by 16 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-02T16:56:12.174244+00:00 GHSA Importer Affected by VCID-12x8-jxdf-jqdz https://github.com/advisories/GHSA-8877-prq4-9xfw 38.1.0