Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-21831: CVE-2022-21831 - GitHub Advisory Database

A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.

CVE
#vulnerability#git#ruby

Package

bundler activestorage (RubyGems )

Affected versions

>= 5.2.0, <= 5.2.6.2

>= 6.0.0, <= 6.0.4.6

>= 6.1.0, <= 6.1.4.6

>= 7.0.0, <= 7.0.2.2

Patched versions

5.2.6.3

6.0.4.7

6.1.4.7

7.0.2.3

Related news

Debian Security Advisory 5372-1

Debian Linux Security Advisory 5372-1 - Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907