Activesupport Project Activesupport — known CVE vulnerabilities
Every CVE whose affected-product data names Activesupport Project Activesupport, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-3779 — CVSS 9.8 (critical): active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious…
CVE-2023-22796 — CVSS 7.5 (high): A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore…