Search for packages
| purl | pkg:gem/rails@0.8.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-26je-urbt-8kee
Aliases: CVE-2014-0081 GHSA-m46p-ggm5-5j83 OSV-103439 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. |
Affected by 8 other vulnerabilities. Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-bkb7-2vvb-zfeq
Aliases: CVE-2006-4112 GHSA-9wrq-xvmp-xjc8 |
Rails Denial of Service vulnerability Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111. |
Affected by 16 other vulnerabilities. |
|
VCID-c3hd-njh3-b3bg
Aliases: CVE-2008-4094 GHSA-xf96-32q2-9rw2 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer. |
Affected by 15 other vulnerabilities. |
|
VCID-d7rs-7c74-xkex
Aliases: CVE-2009-2422 GHSA-rxq3-gm4p-5fj4 |
Improper Authentication The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication for applications that are derived from this example by sending an invalid username without a password. |
Affected by 13 other vulnerabilities. |
|
VCID-fqcm-4af1-e3c1
Aliases: CVE-2006-4111 GHSA-rvpq-5xqx-pfpp |
Ruby on Rails vulnerable to code injection Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112. |
Affected by 16 other vulnerabilities. |
|
VCID-fqw6-tq5j-2udc
Aliases: CVE-2007-5379 GHSA-fjfg-q662-gm6j OSV-40717 |
Moderate severity vulnerability that affects rails Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrated by reading passwords from the Pidgin (Gaim) .purple/accounts.xml file. |
Affected by 15 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-gq64-ywx7-jyfq
Aliases: CVE-2007-3227 GHSA-gm25-fpmr-43fj OSV-36378 |
Moderate severity vulnerability that affects rails Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values. |
Affected by 13 other vulnerabilities. |
|
VCID-hud5-xxhh-u3ex
Aliases: CVE-2011-0446 GHSA-75w6-p6mg-vh8j |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value. |
Affected by 8 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-j52w-azvw-1ycn
Aliases: CVE-2014-0130 GHSA-6x85-j5j2-27jx |
Directory Traversal Vulnerability With Certain Route Configurations The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow an attacker to use a specially crafted request to retrieve arbitrary files from the RoR application server. |
Affected by 7 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-mvfq-sajq-bfb9
Aliases: CVE-2009-4214 GHSA-9p3v-wf2w-v29c |
Moderate severity vulnerability that affects rails Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb. |
Affected by 14 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-ns2u-nkbu-7fbp
Aliases: CVE-2019-5418 GHSA-86g5-2wh3-gc9j |
Path Traversal in Action View # File Content Disclosure in Action View Impact ------ There is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents. The impact is limited to calls to `render` which render file contents without a specified accept format. Impacted code in a controller looks something like this: ``` ruby class UserController < ApplicationController def index render file: "#{Rails.root}/some/file" end end ``` Rendering templates as opposed to files is not impacted by this vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, and 4.2.11.1 releases are available at the normal locations. Workarounds ----------- This vulnerability can be mitigated by specifying a format for file rendering, like this: ``` ruby class UserController < ApplicationController def index render file: "#{Rails.root}/some/file", formats: [:html] end end ``` In summary, impacted calls to `render` look like this: ``` render file: "#{Rails.root}/some/file" ``` The vulnerability can be mitigated by changing to this: ``` render file: "#{Rails.root}/some/file", formats: [:html] ``` Other calls to `render` are not impacted. Alternatively, the following monkey patch can be applied in an initializer: ``` ruby $ cat config/initializers/formats_filter.rb # frozen_string_literal: true ActionDispatch::Request.prepend(Module.new do def formats super().select do |format| format.symbol || format.ref == "*/*" end end end) ``` Credits ------- Thanks to John Hawthorn <john@hawthorn.email> of GitHub |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-sx3y-xa4f-gkcf
Aliases: CVE-2007-6077 GHSA-p4c6-77gc-694x |
The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes cookie_only to be applied only to the first instantiation of CgiRequest, which allows remote attackers to conduct session fixation attacks. NOTE: this is due to an incomplete fix for CVE-2007-5380. |
Affected by 12 other vulnerabilities. |
|
VCID-tf9s-mg9q-1kfd
Aliases: CVE-2007-5380 GHSA-jwhv-rgqc-fqj5 |
Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions." |
Affected by 15 other vulnerabilities. |
|
VCID-uw5h-1fk2-abat
Aliases: CVE-2019-5419 GHSA-m63j-wh5w-c252 |
Allocation of Resources Without Limits or Throttling There is a possible denial of service vulnerability in Action View (Rails) where specially crafted accept headers can cause action view to consume % cpu and make the server unresponsive. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-vm51-p4w4-n3du
Aliases: CVE-2016-2097 GHSA-vx9j-46rh-fqr8 |
Possible Information Leak Vulnerability Applications that pass unverified user input to the `render` method in a controller may be vulnerable to an information leak vulnerability. Impacted code will look something like this: ``` def index; render params[:id]; end ``` Carefully crafted requests can cause the above code to render files from unexpected places like outside the application's view directory, and can possibly escalate this to a remote code execution attack. |
Affected by 6 other vulnerabilities. Affected by 7 other vulnerabilities. |
|
VCID-wj98-mgjt-6uay
Aliases: CVE-2008-5189 GHSA-jmgf-p46x-982h |
rails is vulnerable to CRLF injection CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function. |
Affected by 13 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||