Every CVE whose affected-product data names Rubyonrails Rails, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (117)
CVE-2013-0277 — CVSS 10.0 (critical): ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary…
CVE-2019-5420 — CVSS 9.8 (critical): A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically…
CVE-2026-33195 — CVSS 9.8 (critical): Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active…
CVE-2020-8165 — CVSS 9.8 (critical): A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal…
CVE-2026-33202 — CVSS 9.1 (critical): Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active…
CVE-2020-8163 — CVSS 8.8 (high): The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument…
CVE-2017-17916 — CVSS 8.1 (high): SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL…
CVE-2017-17917 — CVSS 8.1 (high): SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL…
CVE-2022-23634 — CVSS 8.0 (high): Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response…
CVE-2021-22902 — CVSS 7.5 (high): The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible…
CVE-2011-0448 — CVSS 7.5 (high): Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for…
CVE-2011-0449 — CVSS 7.5 (high): actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not…
CVE-2021-22885 — CVSS 7.5 (high): A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or…
CVE-2021-22880 — CVSS 7.5 (high): The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS)…
CVE-2011-2930 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connect…
CVE-2020-8164 — CVSS 7.5 (high): A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply…
CVE-2020-8162 — CVSS 7.5 (high): A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter…
CVE-2019-5419 — CVSS 7.5 (high): There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted…
CVE-2018-16476 — CVSS 7.5 (high): A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to…
CVE-2016-6317 — CVSS 7.5 (high): Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record…
CVE-2012-2695 — CVSS 7.5 (high): The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the…
CVE-2006-4111 — CVSS 7.5 (high): Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an…
CVE-2016-0751 — CVSS 7.5 (high): actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x…
CVE-2015-7581 — CVSS 7.5 (high): actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows…
CVE-2012-6496 — CVSS 7.5 (high): SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10…
CVE-2014-3514 — CVSS 7.5 (high): activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows…
CVE-2014-3483 — CVSS 7.5 (high): SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for…
CVE-2013-0156 — CVSS 7.5 (high): active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before…
CVE-2014-3482 — CVSS 7.5 (high): SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for…
CVE-2013-0333 — CVSS 7.5 (high): lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data…
CVE-2006-4112 — CVSS 7.5 (high): Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute…
CVE-2008-4094 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1)…
CVE-2026-33176 — CVSS 7.5 (high): Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1…
CVE-2026-33174 — CVSS 7.5 (high): Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when…
CVE-2024-26142 — CVSS 7.5 (high): Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing…
CVE-2023-22795 — CVSS 7.5 (high): A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially…
CVE-2023-22792 — CVSS 7.5 (high): A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination…
CVE-2021-22904 — CVSS 7.5 (high): The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token…
CVE-2022-23633 — CVSS 7.4 (high): Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In…
CVE-2016-2098 — CVSS 7.3 (high): Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary…
CVE-2007-6077 — CVSS 6.8 (medium): The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute…
CVE-2011-0447 — CVSS 6.8 (medium): Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an…
CVE-2014-0080 — CVSS 6.8 (medium): SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails…
CVE-2008-7248 — CVSS 6.8 (medium): Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote…
CVE-2018-16477 — CVSS 6.5 (medium): A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the…
CVE-2020-8185 — CVSS 6.5 (medium): A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app…
CVE-2020-8167 — CVSS 6.5 (medium): A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
CVE-2026-33658 — CVSS 6.5 (medium): Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 Active…
CVE-2013-6417 — CVSS 6.4 (medium): actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences…
CVE-2012-2660 — CVSS 6.4 (medium): actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly…
CVE-2013-0155 — CVSS 6.4 (medium): Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter…
CVE-2013-3221 — CVSS 6.4 (medium): The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database…
CVE-2010-3933 — CVSS 6.4 (medium): Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by…
CVE-2021-22942 — CVSS 6.1 (medium): A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect…
CVE-2011-1497 — CVSS 6.1 (medium): A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.
CVE-2021-22881 — CVSS 6.1 (medium): The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted…
CVE-2020-8264 — CVSS 6.1 (medium): In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to…
CVE-2021-22903 — CVSS 6.1 (medium): The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination…
CVE-2016-6316 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1…
CVE-2024-26143 — CVSS 6.1 (medium): Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller…
CVE-2023-22797 — CVSS 6.1 (medium): An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with…
CVE-2021-44528 — CVSS 6.1 (medium): A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in…
CVE-2026-33170 — CVSS 6.1 (medium): Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1…
CVE-2024-32464 — CVSS 6.1 (medium): Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a…
CVE-2013-1856 — CVSS 5.8 (medium): The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and…
CVE-2024-28103 — CVSS 5.4 (medium): Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is…
CVE-2016-2097 — CVSS 5.3 (medium): Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read…
CVE-2015-7577 — CVSS 5.3 (medium): activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x…
CVE-2016-0753 — CVSS 5.3 (medium): Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level…
CVE-2024-26144 — CVSS 5.3 (medium): Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active…
CVE-2026-33169 — CVSS 5.3 (medium): Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter`…
CVE-2026-33173 — CVSS 5.3 (medium): Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1…
CVE-2009-3086 — CVSS 5.0 (medium): A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest…
CVE-2014-0082 — CVSS 5.0 (medium): actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during…
CVE-2011-2929 — CVSS 5.0 (medium): The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x…
CVE-2015-3227 — CVSS 5.0 (medium): The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is…
CVE-2014-3916 — CVSS 5.0 (medium): The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service…
CVE-2012-6497 — CVSS 5.0 (medium): The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which…
CVE-2012-2661 — CVSS 5.0 (medium): The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement…
CVE-2013-1854 — CVSS 5.0 (medium): The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by…
CVE-2013-6414 — CVSS 5.0 (medium): actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers…
CVE-2012-3424 — CVSS 5.0 (medium): The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x…
CVE-2014-7829 — CVSS 5.0 (medium): Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21…
CVE-2008-5189 — CVSS 5.0 (medium): CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP…
CVE-2011-2197 — CVSS 4.3 (medium): The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does…
CVE-2015-3226 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x…
CVE-2014-7818 — CVSS 4.3 (medium): Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20…
CVE-2011-0446 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when…
CVE-2013-0276 — CVSS 4.3 (medium): ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the…
CVE-2009-4214 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote…
CVE-2009-3009 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject…
CVE-2014-0081 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17…
CVE-2013-4389 — CVSS 4.3 (medium): Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x…
CVE-2013-6416 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails…
CVE-2013-6415 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on…
CVE-2007-3227 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows…
CVE-2013-1855 — CVSS 4.3 (medium): The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before…
CVE-2013-4491 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/translation_helper.rb in the internationalization component…
CVE-2013-1857 — CVSS 4.3 (medium): The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before…
CVE-2012-1099 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails…
CVE-2012-3463 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x…
CVE-2012-1098 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote…
CVE-2011-4319 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before…
CVE-2011-3187 — CVSS 4.3 (medium): The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For…
CVE-2011-3186 — CVSS 4.3 (medium): CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers…
CVE-2011-2932 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before…
CVE-2011-2931 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in…
CVE-2020-8166 — CVSS 4.3 (medium): A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token…
CVE-2012-3464 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before…
CVE-2012-3465 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails…
CVE-2012-2694 — CVSS 4.3 (medium): actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly…
CVE-2015-7576 — CVSS 3.7 (low): The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication…
CVE-2022-3704 — CVSS 3.5 (low): A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_di…