VulnerableCode Package Details - pkg:gem/rails@6.1.4.6

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-6k4p-91ka-juh5 Aliases: CVE-2024-26144 GHSA-8h22-8cf7-hq6g	Rails has possible Sensitive Session Information Leak in Active Storage # Possible Sensitive Session Information Leak in Active Storage There is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a `Set-Cookie` header along with the user's session cookie when serving blobs. It also sets `Cache-Control` to public. Certain proxies may cache the Set-Cookie, leading to an information leak. This vulnerability has been assigned the CVE identifier CVE-2024-26144. Versions Affected: >= 5.2.0, < 7.1.0 Not affected: < 5.2.0, > 7.1.0 Fixed Versions: 7.0.8.1, 6.1.7.7 Impact ------ A proxy which chooses to caches this request can cause users to share sessions. This may include a user receiving an attacker's session or vice versa. This was patched in 7.1.0 but not previously identified as a security vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The fixed releases are available at the normal locations. Workarounds ----------- Upgrade to Rails 7.1.X, or configure caching proxies not to cache the Set-Cookie headers. Credits ------- Thanks to [tyage](https://hackerone.com/tyage) for reporting this!	6.1.7.7 Affected by 0 other vulnerabilities. 7.0.8.1 Affected by 0 other vulnerabilities.
VCID-98gu-r7wd-cuah Aliases: CVE-2023-22792 GHSA-p84v-45xj-wwqj GMS-2023-58	ReDoS based DoS vulnerability in Action Dispatch There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: >= 3.0.0 Not affected: < 3.0.0 Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. Releases The FIXED releases are available at the normal locations. Workarounds We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious X_FORWARDED_HOST headers before they reach the application. Patches To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. 6-1-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 6.1 series 7-0-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 7.0 series Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases. https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released	6.1.7.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 7.0.4.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-k6aw-heeb-wke2 Aliases: CVE-2023-22795 GHSA-8xww-x3g3-6jcv GMS-2023-56	ReDoS based DoS vulnerability in Action Dispatch There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. Versions Affected: All Not affected: None Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1 Impact A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. Releases The FIXED releases are available at the normal locations. Workarounds We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious If-None-Match headers before they reach the application. Users on Ruby 3.2.0 or greater are not affected by this vulnerability. Patches To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. 6-1-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 6.1 series 7-0-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 7.0 series Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.	6.1.7.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 7.0.4.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6k4p-91ka-juh5
Aliases:
CVE-2024-26144
GHSA-8h22-8cf7-hq6g

Rails has possible Sensitive Session Information Leak in Active Storage # Possible Sensitive Session Information Leak in Active Storage There is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a `Set-Cookie` header along with the user's session cookie when serving blobs. It also sets `Cache-Control` to public. Certain proxies may cache the Set-Cookie, leading to an information leak. This vulnerability has been assigned the CVE identifier CVE-2024-26144. Versions Affected: >= 5.2.0, < 7.1.0 Not affected: < 5.2.0, > 7.1.0 Fixed Versions: 7.0.8.1, 6.1.7.7 Impact ------ A proxy which chooses to caches this request can cause users to share sessions. This may include a user receiving an attacker's session or vice versa. This was patched in 7.1.0 but not previously identified as a security vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The fixed releases are available at the normal locations. Workarounds ----------- Upgrade to Rails 7.1.X, or configure caching proxies not to cache the Set-Cookie headers. Credits ------- Thanks to [tyage](https://hackerone.com/tyage) for reporting this!

6.1.7.7
Affected by 0 other vulnerabilities.

7.0.8.1
Affected by 0 other vulnerabilities.

VCID-98gu-r7wd-cuah
Aliases:
CVE-2023-22792
GHSA-p84v-45xj-wwqj
GMS-2023-58

ReDoS based DoS vulnerability in Action Dispatch There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: >= 3.0.0 Not affected: < 3.0.0 Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. Releases The FIXED releases are available at the normal locations. Workarounds We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious X_FORWARDED_HOST headers before they reach the application. Patches To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. 6-1-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 6.1 series 7-0-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 7.0 series Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases. https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released

6.1.7.1
Affected by 1 other vulnerability.

7.0.4.1
Affected by 2 other vulnerabilities.

VCID-k6aw-heeb-wke2
Aliases:
CVE-2023-22795
GHSA-8xww-x3g3-6jcv
GMS-2023-56

ReDoS based DoS vulnerability in Action Dispatch There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. Versions Affected: All Not affected: None Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1 Impact A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. Releases The FIXED releases are available at the normal locations. Workarounds We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious If-None-Match headers before they reach the application. Users on Ruby 3.2.0 or greater are not affected by this vulnerability. Patches To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. 6-1-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 6.1 series 7-0-Avoid-regex-backtracking-on-If-None-Match-header.patch - Patch for 7.0 series Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.

6.1.7.1
Affected by 1 other vulnerability.

7.0.4.1
Affected by 2 other vulnerabilities.

Next non-vulnerable version	6.1.7.7
Latest non-vulnerable version	7.1.3.1
Risk

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T06:38:26.886161+00:00	GitLab Importer	Affected by	VCID-6k4p-91ka-juh5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rails/CVE-2024-26144.yml	38.6.0
2026-05-30T05:58:05.040295+00:00	GitLab Importer	Affected by	VCID-k6aw-heeb-wke2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rails/CVE-2023-22795.yml	38.6.0
2026-05-30T05:58:01.901505+00:00	GitLab Importer	Affected by	VCID-98gu-r7wd-cuah	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rails/CVE-2023-22792.yml	38.6.0
2026-05-29T17:31:47.051327+00:00	GitLab Importer	Fixing	VCID-be5x-uyc6-sudm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rails/CVE-2022-23633.yml	38.6.0