David Hansson Ruby On Rails — known CVE vulnerabilities
Every CVE whose affected-product data names David Hansson Ruby On Rails, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2007-5380 — CVSS 6.8 (medium): Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via…
CVE-2007-5379 — CVSS 5.0 (medium): Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary…