Search for packages
| purl | pkg:gem/rails@3.1.12 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-26je-urbt-8kee
Aliases: CVE-2014-0081 GHSA-m46p-ggm5-5j83 OSV-103439 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. |
Affected by 8 other vulnerabilities. Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-bkb7-2vvb-zfeq
Aliases: CVE-2006-4112 GHSA-9wrq-xvmp-xjc8 |
Rails Denial of Service vulnerability Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111. | There are no reported fixed by versions. |
|
VCID-f8s8-epzh-3bhw
Aliases: CVE-2014-0082 GHSA-7cgp-c3g7-qvrw OSV-103440 |
Denial of Service Vulnerability when using render :text Strings sent in specially crafted headers will be converted to symbols. |
Affected by 8 other vulnerabilities. |
|
VCID-fqcm-4af1-e3c1
Aliases: CVE-2006-4111 GHSA-rvpq-5xqx-pfpp |
Ruby on Rails vulnerable to code injection Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112. | There are no reported fixed by versions. |
|
VCID-ghfd-u91m-dbdz
Aliases: CVE-2013-6414 GHSA-mpxf-gcw2-pw5q OSV-100525 |
Denial of Service Vulnerability in Action View There is a denial of service vulnerability in the header handling component of Action View. Strings sent in specially crafted headers will be cached indefinitely. This can cause the cache to grow infinitely, which will eventually consume all memory on the target machine, causing a denial of service. |
Affected by 9 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-j52w-azvw-1ycn
Aliases: CVE-2014-0130 GHSA-6x85-j5j2-27jx |
Directory Traversal Vulnerability With Certain Route Configurations The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow an attacker to use a specially crafted request to retrieve arbitrary files from the RoR application server. |
Affected by 7 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-mvfq-sajq-bfb9
Aliases: CVE-2009-4214 GHSA-9p3v-wf2w-v29c |
Moderate severity vulnerability that affects rails Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb. | There are no reported fixed by versions. |
|
VCID-ns2u-nkbu-7fbp
Aliases: CVE-2019-5418 GHSA-86g5-2wh3-gc9j |
Path Traversal in Action View # File Content Disclosure in Action View Impact ------ There is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents. The impact is limited to calls to `render` which render file contents without a specified accept format. Impacted code in a controller looks something like this: ``` ruby class UserController < ApplicationController def index render file: "#{Rails.root}/some/file" end end ``` Rendering templates as opposed to files is not impacted by this vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, and 4.2.11.1 releases are available at the normal locations. Workarounds ----------- This vulnerability can be mitigated by specifying a format for file rendering, like this: ``` ruby class UserController < ApplicationController def index render file: "#{Rails.root}/some/file", formats: [:html] end end ``` In summary, impacted calls to `render` look like this: ``` render file: "#{Rails.root}/some/file" ``` The vulnerability can be mitigated by changing to this: ``` render file: "#{Rails.root}/some/file", formats: [:html] ``` Other calls to `render` are not impacted. Alternatively, the following monkey patch can be applied in an initializer: ``` ruby $ cat config/initializers/formats_filter.rb # frozen_string_literal: true ActionDispatch::Request.prepend(Module.new do def formats super().select do |format| format.symbol || format.ref == "*/*" end end end) ``` Credits ------- Thanks to John Hawthorn <john@hawthorn.email> of GitHub |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-uw5h-1fk2-abat
Aliases: CVE-2019-5419 GHSA-m63j-wh5w-c252 |
Allocation of Resources Without Limits or Throttling There is a possible denial of service vulnerability in Action View (Rails) where specially crafted accept headers can cause action view to consume % cpu and make the server unresponsive. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-vm51-p4w4-n3du
Aliases: CVE-2016-2097 GHSA-vx9j-46rh-fqr8 |
Possible Information Leak Vulnerability Applications that pass unverified user input to the `render` method in a controller may be vulnerable to an information leak vulnerability. Impacted code will look something like this: ``` def index; render params[:id]; end ``` Carefully crafted requests can cause the above code to render files from unexpected places like outside the application's view directory, and can possibly escalate this to a remote code execution attack. |
Affected by 6 other vulnerabilities. Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||