rails vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rails package. This does not include vulnerabilities belonging to this package’s dependencies.

| Severity | Vulnerability | Vulnerable Version |
|---|---|---|
| M | Cross-site Scripting (XSS) | >=5.1.0, <6.1.7.3; >=7.0.0, <7.0.4.3 |
| M | Cross-site Scripting (XSS) | <3.0.6 |
| H | Open Redirect | >=6.1.0, <6.1.4.1; >=6.0.0, <6.0.4.1 |
| H | Denial of Service (DoS) | >=4.2.0, <5.2.4.5; >=6.0.0.beta1, <6.0.3.5; >=6.1.0.rc1, <6.1.2.1 |
| M | Improper Input Validation | >=2.3.9, <2.3.10; >=3.0.0, <3.0.1 |
| M | Cross-site Scripting (XSS) | >=2.0.0, <2.3.12; >=3.0.0, <3.0.8; >=3.1.0.rc1, <3.1.0.rc2 |
| H | SQL Injection | <2.1.1 |
| M | Access Restriction Bypass | <3.0.14; >=3.1.0, <3.1.6; >=3.2.0, <3.2.6 |
| H | SQL Injection | <3.0.14; >=3.1.0, <3.1.6; >=3.2.0, <3.2.6 |
| H | Remote Code Execution (RCE) | >=1.1.0, <1.1.6 |
| H | Denial of Service (DoS) | >=1.1.0, <1.1.6 |
| M | Cross-site Scripting (XSS) | <1.2.5 |
| M | Information Exposure | <1.2.4 |
| M | Session Fixation | <1.2.4 |
| M | Session Fixation | <1.2.6 |
| M | Cross-Site Request Forgery (CSRF) | <2.0.5 |
| M | Improper Input Validation | >=2.1.0, <2.1.3; >=2.2.0, <2.2.2 |
| H | Improper Authentication | <2.3.3 |
| M | Cross-site Scripting (XSS) | >=2.0.0, <2.2.3; >=2.3.0, <2.3.4 |
| M | Information Exposure | >=2.1.0, <2.2.3; >=2.3.0, <2.3.4 |
| M | Cross-site Scripting (XSS) | <2.2.2; >=2.3.0, <2.3.5 |