{"url":"http://public2.vulnerablecode.io/api/packages/73619?format=json","purl":"pkg:gem/actionpack-page_caching@1.2.1","type":"gem","namespace":"","name":"actionpack-page_caching","version":"1.2.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47751?format=json","vulnerability_id":"VCID-gjey-bqtd-kqa1","summary":"Action Pack contains Information Disclosure / Unintended Method Execution vulnerability\nImpact\n------\nThere is a possible information disclosure / unintended method execution vulnerability in Action Pack when using the `redirect_to` or `polymorphic_url` helper with untrusted user input.\n\nVulnerable code will look like this.\n\n```\nredirect_to(params[:some_param])\n```\n\nAll users running an affected release should either upgrade or use one of the workarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nTo work around this problem, it is recommended to use an allow list for valid parameters passed from the user.  For example,\n\n```ruby\nprivate def check(param)\n  case param\n  when \"valid\"\n    param\n  else\n    \"/\"\n  end\nend\n\ndef index\n  redirect_to(check(params[:some_param]))\nend\n```\n\nOr force the user input to be cast to a string like this,\n\n```ruby\ndef index\n  redirect_to(params[:some_param].to_s)\nend\n```\n\nPatches\n-------\nTo aid users who aren't able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset.\n\n* 5-2-information-disclosure.patch - Patch for 5.2 series\n* 6-0-information-disclosure.patch - Patch for 6.0 series\n* 6-1-information-disclosure.patch - Patch for 6.1 series\n\nPlease note that only the 5.2, 6.0, and 6.1 series are supported at present. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.\n\nCredits\n-------\n\nThanks to Benoit Côté-Jodoin from Shopify for reporting this.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22885.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22885","reference_id":"","reference_type":"","scores":[{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86861","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86838","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86831","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86815","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86817","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86812","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86802","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86736","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86783","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86763","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86746","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03096","scoring_system":"epss","scoring_elements":"0.86765","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22880","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22880"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22904"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22885.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22885.yml"},{"reference_url":"https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI"},{"reference_url":"https://hackerone.com/reports/1106652","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/1106652"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22885","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22885"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210805-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210805-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210805-0009/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210805-0009/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4929","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2021/dsa-4929"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957441","reference_id":"1957441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988214","reference_id":"988214","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988214"},{"reference_url":"https://security.archlinux.org/AVG-1920","reference_id":"AVG-1920","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1920"},{"reference_url":"https://security.archlinux.org/AVG-1921","reference_id":"AVG-1921","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1921"},{"reference_url":"https://security.archlinux.org/AVG-2090","reference_id":"AVG-2090","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2090"},{"reference_url":"https://security.archlinux.org/AVG-2223","reference_id":"AVG-2223","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2223"},{"reference_url":"https://github.com/advisories/GHSA-hjg4-8q5f-x6fm","reference_id":"GHSA-hjg4-8q5f-x6fm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hjg4-8q5f-x6fm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4702","reference_id":"RHSA-2021:4702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4702"}],"fixed_packages":[],"aliases":["CVE-2021-22885","GHSA-hjg4-8q5f-x6fm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjey-bqtd-kqa1"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34124?format=json","vulnerability_id":"VCID-3efe-hmaw-u7fn","summary":"Arbitrary file write in actionpack-page_caching gem\nThere is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8159","reference_id":"","reference_type":"","scores":[{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90187","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90143","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90156","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90168","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90165","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90179","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90178","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90176","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90108","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90111","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90127","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8159"},{"reference_url":"https://github.com/rails/actionpack-page_caching/commit/127da70a559bed4fc573fdb4a6d498a7d5815ce2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/actionpack-page_caching/commit/127da70a559bed4fc573fdb4a6d498a7d5815ce2"},{"reference_url":"https://groups.google.com/forum/#!topic/rubyonrails-security/CFRVkEytdP8","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rubyonrails-security/CFRVkEytdP8"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00019.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8159","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8159"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960680","reference_id":"960680","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960680"},{"reference_url":"https://github.com/advisories/GHSA-mg5p-95m9-rmfp","reference_id":"GHSA-mg5p-95m9-rmfp","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mg5p-95m9-rmfp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73619?format=json","purl":"pkg:gem/actionpack-page_caching@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gjey-bqtd-kqa1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/actionpack-page_caching@1.2.1"}],"aliases":["CVE-2020-8159","GHSA-mg5p-95m9-rmfp"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3efe-hmaw-u7fn"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/actionpack-page_caching@1.2.1"}