pkg:gem/actionview
Type
gem
Name
actionview
Known advisories, vulnerabilities and fixes for actionview package.
- Repository
- https://rubygems.org/gems/actionview
High
5
Medium
7
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 3.0.4 |
CVE-2011-0446
|
RUBYSEC:ACTIONVIEW-2011-0446 | XSS vulnerabilities in the mail_to helper in rails/actionview | medium |
2017-10-24T00:00:00
(7 years ago) |
|
Fixed | = 2.3.11 >= 3.0.4 |
CVE-2011-0446
|
RUBYSEC:ACTIONVIEW-2011-0446 | XSS vulnerabilities in the mail_to helper in rails/actionview | medium |
2017-10-24T00:00:00
(7 years ago) |
|
Affected | < 5.0.0.beta1.1 < 4.2.5.1 < 4.1.14.1 |
CVE-2016-0752
|
RUBYSEC:ACTIONVIEW-2016-0752 | Possible Information Leak Vulnerability in Action View | high |
2016-01-25T00:00:00
(8 years ago) |
|
Fixed | >= 5.0.0.beta1.1 = 4.2.5 >= 4.2.5.1 = 4.1.14 >= 4.1.14.1 |
CVE-2016-0752
|
RUBYSEC:ACTIONVIEW-2016-0752 | Possible Information Leak Vulnerability in Action View | high |
2016-01-25T00:00:00
(8 years ago) |
|
Affected | < 4.1.14.2 |
CVE-2016-2097
|
RUBYSEC:ACTIONVIEW-2016-2097 | Possible Information Leak Vulnerability in Action View | medium |
2016-02-29T00:00:00
(8 years ago) |
|
Fixed | = 4.1.14 >= 4.1.14.2 |
CVE-2016-2097
|
RUBYSEC:ACTIONVIEW-2016-2097 | Possible Information Leak Vulnerability in Action View | medium |
2016-02-29T00:00:00
(8 years ago) |
|
Unaffected | >= 4.2.0 |
CVE-2016-2097
|
RUBYSEC:ACTIONVIEW-2016-2097 | Possible Information Leak Vulnerability in Action View | medium |
2016-02-29T00:00:00
(8 years ago) |
|
Affected | < 5.0.0.1 = 3.0.0 |
CVE-2016-6316
|
RUBYSEC:ACTIONVIEW-2016-6316 | Possible XSS Vulnerability in Action View | medium |
2016-08-11T00:00:00
(8 years ago) |
|
Fixed | = 4.2.7.1 = 4.2.8 >= 5.0.0.1 |
CVE-2016-6316
|
RUBYSEC:ACTIONVIEW-2016-6316 | Possible XSS Vulnerability in Action View | medium |
2016-08-11T00:00:00
(8 years ago) |
|
Unaffected | < 3.0.0 |
CVE-2016-6316
|
RUBYSEC:ACTIONVIEW-2016-6316 | Possible XSS Vulnerability in Action View | medium |
2016-08-11T00:00:00
(8 years ago) |
|
Affected | < 4.2.11.1 < 5.0.7.2 < 5.1.6.2 < 5.2.2.1 < 6.0.0.beta3 |
CVE-2019-5418
|
RUBYSEC:ACTIONVIEW-2019-5418 | File Content Disclosure in Action View | high |
2019-03-13T00:00:00
(5 years ago) |
|
Fixed | = 4.2.11 >= 4.2.11.1 = 5.0.7 >= 5.0.7.2 = 5.1.6 >= 5.1.6.2 = 5.2.2 >= 5.2.2.1 >= 6.0.0.beta3 |
CVE-2019-5418
|
RUBYSEC:ACTIONVIEW-2019-5418 | File Content Disclosure in Action View | high |
2019-03-13T00:00:00
(5 years ago) |
|
Affected | < 6.0.0.beta3 < 5.2.2.1 < 5.1.6.2 < 5.0.7.2 < 4.2.11.1 |
CVE-2019-5419
|
RUBYSEC:ACTIONVIEW-2019-5419 | Denial of Service Vulnerability in Action View | high |
2019-03-13T00:00:00
(5 years ago) |
|
Fixed | >= 6.0.0.beta3 = 5.2.2 >= 5.2.2.1 = 5.1.6 >= 5.1.6.2 = 5.0.7 >= 5.0.7.2 = 4.2.11 >= 4.2.11.1 |
CVE-2019-5419
|
RUBYSEC:ACTIONVIEW-2019-5419 | Denial of Service Vulnerability in Action View | high |
2019-03-13T00:00:00
(5 years ago) |
|
Affected | < 5.2.4.4 < 6.0.3.3 |
CVE-2020-15169
|
RUBYSEC:ACTIONVIEW-2020-15169 | Potential XSS vulnerability in Action View | medium |
2020-09-09T00:00:00
(4 years ago) |
|
Fixed | = 5.2.4 >= 5.2.4.4 >= 6.0.3.3 |
CVE-2020-15169
|
RUBYSEC:ACTIONVIEW-2020-15169 | Potential XSS vulnerability in Action View | medium |
2020-09-09T00:00:00
(4 years ago) |
|
Affected | < 5.2.4.2 < 6.0.2.2 |
CVE-2020-5267
|
RUBYSEC:ACTIONVIEW-2020-5267 | Possible XSS vulnerability in ActionView | medium |
2020-03-19T00:00:00
(4 years ago) |
|
Fixed | = 5.2.4 >= 5.2.4.2 >= 6.0.2.2 |
CVE-2020-5267
|
RUBYSEC:ACTIONVIEW-2020-5267 | Possible XSS vulnerability in ActionView | medium |
2020-03-19T00:00:00
(4 years ago) |
|
Affected | < 4.2.11.2 |
CVE-2020-8163
|
RUBYSEC:ACTIONVIEW-2020-8163 | Potential remote code execution of user-provided local names in ActionView | high |
2020-05-15T00:00:00
(4 years ago) |
|
Fixed | >= 4.2.11.2 |
CVE-2020-8163
|
RUBYSEC:ACTIONVIEW-2020-8163 | Potential remote code execution of user-provided local names in ActionView | high |
2020-05-15T00:00:00
(4 years ago) |
|
Affected | < 5.2.4.3 < 6.0.3.1 |
CVE-2020-8167
|
RUBYSEC:ACTIONVIEW-2020-8167 | CSRF Vulnerability in rails-ujs | medium |
2020-05-18T00:00:00
(4 years ago) |
|
Fixed | = 5.2.4 >= 5.2.4.3 >= 6.0.3.1 |
CVE-2020-8167
|
RUBYSEC:ACTIONVIEW-2020-8167 | CSRF Vulnerability in rails-ujs | medium |
2020-05-18T00:00:00
(4 years ago) |
|
Affected | < 5.2.7.1 < 6.0.4.8 < 6.1.5.1 < 7.0.2.4 |
CVE-2022-27777
|
RUBYSEC:ACTIONVIEW-2022-27777 | Possible XSS Vulnerability in Action View tag helpers | medium |
2022-04-26T00:00:00
(2 years ago) |
|
Fixed | = 5.2.7 >= 5.2.7.1 = 6.0.4 >= 6.0.4.8 = 6.1.5 >= 6.1.5.1 >= 7.0.2.4 |
CVE-2022-27777
|
RUBYSEC:ACTIONVIEW-2022-27777 | Possible XSS Vulnerability in Action View tag helpers | medium |
2022-04-26T00:00:00
(2 years ago) |
|
Affected | < 7.0.4.3 = 5.1.0 |
CVE-2023-23913
|
RUBYSEC:ACTIONVIEW-2023-23913 | DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements | high |
2023-03-13T00:00:00
(18 months ago) |
|
Fixed | = 6.1.7.3 >= 7.0.4.3 |
CVE-2023-23913
|
RUBYSEC:ACTIONVIEW-2023-23913 | DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements | high |
2023-03-13T00:00:00
(18 months ago) |
|
Unaffected | < 5.1.0 |
CVE-2023-23913
|
RUBYSEC:ACTIONVIEW-2023-23913 | DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements | high |
2023-03-13T00:00:00
(18 months ago) |