pkg:gem/actionview

Type gem

Name actionview

Known advisories, vulnerabilities and fixes for actionview package.

Repository: https://rubygems.org/gems/actionview

High 5

Medium 7

Type	Version	# CVEs	# Advisory ID	Title	Severity	Published
Affected	< 3.0.4	CVE-2011-0446	RUBYSEC:ACTIONVIEW-2011-0446	XSS vulnerabilities in the mail_to helper in rails/actionview	medium	2017-10-24T00:00:00 (7 years ago)
Fixed	= 2.3.11 >= 3.0.4	CVE-2011-0446	RUBYSEC:ACTIONVIEW-2011-0446	XSS vulnerabilities in the mail_to helper in rails/actionview	medium	2017-10-24T00:00:00 (7 years ago)
Affected	< 5.0.0.beta1.1 < 4.2.5.1 < 4.1.14.1	CVE-2016-0752	RUBYSEC:ACTIONVIEW-2016-0752	Possible Information Leak Vulnerability in Action View	high	2016-01-25T00:00:00 (8 years ago)
Fixed	>= 5.0.0.beta1.1 = 4.2.5 >= 4.2.5.1 = 4.1.14 >= 4.1.14.1	CVE-2016-0752	RUBYSEC:ACTIONVIEW-2016-0752	Possible Information Leak Vulnerability in Action View	high	2016-01-25T00:00:00 (8 years ago)
Affected	< 4.1.14.2	CVE-2016-2097	RUBYSEC:ACTIONVIEW-2016-2097	Possible Information Leak Vulnerability in Action View	medium	2016-02-29T00:00:00 (8 years ago)
Fixed	= 4.1.14 >= 4.1.14.2	CVE-2016-2097	RUBYSEC:ACTIONVIEW-2016-2097	Possible Information Leak Vulnerability in Action View	medium	2016-02-29T00:00:00 (8 years ago)
Unaffected	>= 4.2.0	CVE-2016-2097	RUBYSEC:ACTIONVIEW-2016-2097	Possible Information Leak Vulnerability in Action View	medium	2016-02-29T00:00:00 (8 years ago)
Affected	< 5.0.0.1 = 3.0.0	CVE-2016-6316	RUBYSEC:ACTIONVIEW-2016-6316	Possible XSS Vulnerability in Action View	medium	2016-08-11T00:00:00 (8 years ago)
Fixed	= 4.2.7.1 = 4.2.8 >= 5.0.0.1	CVE-2016-6316	RUBYSEC:ACTIONVIEW-2016-6316	Possible XSS Vulnerability in Action View	medium	2016-08-11T00:00:00 (8 years ago)
Unaffected	< 3.0.0	CVE-2016-6316	RUBYSEC:ACTIONVIEW-2016-6316	Possible XSS Vulnerability in Action View	medium	2016-08-11T00:00:00 (8 years ago)
Affected	< 4.2.11.1 < 5.0.7.2 < 5.1.6.2 < 5.2.2.1 < 6.0.0.beta3	CVE-2019-5418	RUBYSEC:ACTIONVIEW-2019-5418	File Content Disclosure in Action View	high	2019-03-13T00:00:00 (5 years ago)
Fixed	= 4.2.11 >= 4.2.11.1 = 5.0.7 >= 5.0.7.2 = 5.1.6 >= 5.1.6.2 = 5.2.2 >= 5.2.2.1 >= 6.0.0.beta3	CVE-2019-5418	RUBYSEC:ACTIONVIEW-2019-5418	File Content Disclosure in Action View	high	2019-03-13T00:00:00 (5 years ago)
Affected	< 6.0.0.beta3 < 5.2.2.1 < 5.1.6.2 < 5.0.7.2 < 4.2.11.1	CVE-2019-5419	RUBYSEC:ACTIONVIEW-2019-5419	Denial of Service Vulnerability in Action View	high	2019-03-13T00:00:00 (5 years ago)
Fixed	>= 6.0.0.beta3 = 5.2.2 >= 5.2.2.1 = 5.1.6 >= 5.1.6.2 = 5.0.7 >= 5.0.7.2 = 4.2.11 >= 4.2.11.1	CVE-2019-5419	RUBYSEC:ACTIONVIEW-2019-5419	Denial of Service Vulnerability in Action View	high	2019-03-13T00:00:00 (5 years ago)
Affected	< 5.2.4.4 < 6.0.3.3	CVE-2020-15169	RUBYSEC:ACTIONVIEW-2020-15169	Potential XSS vulnerability in Action View	medium	2020-09-09T00:00:00 (4 years ago)
Fixed	= 5.2.4 >= 5.2.4.4 >= 6.0.3.3	CVE-2020-15169	RUBYSEC:ACTIONVIEW-2020-15169	Potential XSS vulnerability in Action View	medium	2020-09-09T00:00:00 (4 years ago)
Affected	< 5.2.4.2 < 6.0.2.2	CVE-2020-5267	RUBYSEC:ACTIONVIEW-2020-5267	Possible XSS vulnerability in ActionView	medium	2020-03-19T00:00:00 (4 years ago)
Fixed	= 5.2.4 >= 5.2.4.2 >= 6.0.2.2	CVE-2020-5267	RUBYSEC:ACTIONVIEW-2020-5267	Possible XSS vulnerability in ActionView	medium	2020-03-19T00:00:00 (4 years ago)
Affected	< 4.2.11.2	CVE-2020-8163	RUBYSEC:ACTIONVIEW-2020-8163	Potential remote code execution of user-provided local names in ActionView	high	2020-05-15T00:00:00 (4 years ago)
Fixed	>= 4.2.11.2	CVE-2020-8163	RUBYSEC:ACTIONVIEW-2020-8163	Potential remote code execution of user-provided local names in ActionView	high	2020-05-15T00:00:00 (4 years ago)
Affected	< 5.2.4.3 < 6.0.3.1	CVE-2020-8167	RUBYSEC:ACTIONVIEW-2020-8167	CSRF Vulnerability in rails-ujs	medium	2020-05-18T00:00:00 (4 years ago)
Fixed	= 5.2.4 >= 5.2.4.3 >= 6.0.3.1	CVE-2020-8167	RUBYSEC:ACTIONVIEW-2020-8167	CSRF Vulnerability in rails-ujs	medium	2020-05-18T00:00:00 (4 years ago)
Affected	< 5.2.7.1 < 6.0.4.8 < 6.1.5.1 < 7.0.2.4	CVE-2022-27777	RUBYSEC:ACTIONVIEW-2022-27777	Possible XSS Vulnerability in Action View tag helpers	medium	2022-04-26T00:00:00 (2 years ago)
Fixed	= 5.2.7 >= 5.2.7.1 = 6.0.4 >= 6.0.4.8 = 6.1.5 >= 6.1.5.1 >= 7.0.2.4	CVE-2022-27777	RUBYSEC:ACTIONVIEW-2022-27777	Possible XSS Vulnerability in Action View tag helpers	medium	2022-04-26T00:00:00 (2 years ago)
Affected	< 7.0.4.3 = 5.1.0	CVE-2023-23913	RUBYSEC:ACTIONVIEW-2023-23913	DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements	high	2023-03-13T00:00:00 (18 months ago)
Fixed	= 6.1.7.3 >= 7.0.4.3	CVE-2023-23913	RUBYSEC:ACTIONVIEW-2023-23913	DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements	high	2023-03-13T00:00:00 (18 months ago)
Unaffected	< 5.1.0	CVE-2023-23913	RUBYSEC:ACTIONVIEW-2023-23913	DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements	high	2023-03-13T00:00:00 (18 months ago)