pkg:gem/activestorage
Type: gem
Name: activestorage
Known advisories, vulnerabilities and fixes for activestorage package.
- Repository: https://rubygems.org/gems/activestorage

Advisories by severity:
- Critical: 1
- High: 1
- Medium: 2

Type | Version | Distribution | CVEs | Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 5.2.1.1 = 5.2.0 | | CVE-2018-16477 | RUBYSEC:ACTIVESTORAGE-2018-16477 | Bypass vulnerability in Active Storage | medium | 2018-11-27T00:00:00 (5 years ago) |
Fixed | >= 5.2.1.1 | | CVE-2018-16477 | RUBYSEC:ACTIVESTORAGE-2018-16477 | Bypass vulnerability in Active Storage | medium | 2018-11-27T00:00:00 (5 years ago) |
Unaffected | < 5.2.0 | | CVE-2018-16477 | RUBYSEC:ACTIVESTORAGE-2018-16477 | Bypass vulnerability in Active Storage | medium | 2018-11-27T00:00:00 (5 years ago) |
Affected | < 5.2.4.3 < 6.0.3.1 | | CVE-2020-8162 | RUBYSEC:ACTIVESTORAGE-2020-8162 | Circumvention of file size limits in ActiveStorage | high | 2020-05-18T00:00:00 (4 years ago) |
Fixed | = 5.2.4 >= 5.2.4.3 >= 6.0.3.1 | | CVE-2020-8162 | RUBYSEC:ACTIVESTORAGE-2020-8162 | Circumvention of file size limits in ActiveStorage | high | 2020-05-18T00:00:00 (4 years ago) |
Affected | < 5.2.6.3 < 6.0.4.7 < 6.1.4.7 < 7.0.2.3 = 5.2.0 | | CVE-2022-21831 | RUBYSEC:ACTIVESTORAGE-2022-21831 | Possible code injection vulnerability in Rails / Active Storage | critical | 2022-03-08T00:00:00 (2 years ago) |
Fixed | = 5.2.6 >= 5.2.6.3 = 6.0.4 >= 6.0.4.7 = 6.1.4 >= 6.1.4.7 >= 7.0.2.3 | | CVE-2022-21831 | RUBYSEC:ACTIVESTORAGE-2022-21831 | Possible code injection vulnerability in Rails / Active Storage | critical | 2022-03-08T00:00:00 (2 years ago) |
Unaffected | < 5.2.0 | | CVE-2022-21831 | RUBYSEC:ACTIVESTORAGE-2022-21831 | Possible code injection vulnerability in Rails / Active Storage | critical | 2022-03-08T00:00:00 (2 years ago) |
Affected | < 6.1.7.7 < 7.0.8.1 = 5.2.0 | | CVE-2024-26144 | RUBYSEC:ACTIVESTORAGE-2024-26144 | Possible Sensitive Session Information Leak in Active Storage | medium | 2024-02-21T00:00:00 (7 months ago) |
Fixed | = 6.1.7 >= 6.1.7.7 >= 7.0.8.1 | | CVE-2024-26144 | RUBYSEC:ACTIVESTORAGE-2024-26144 | Possible Sensitive Session Information Leak in Active Storage | medium | 2024-02-21T00:00:00 (7 months ago) |
Unaffected | < 5.2.0 >= 7.1.0 | | CVE-2024-26144 | RUBYSEC:ACTIVESTORAGE-2024-26144 | Possible Sensitive Session Information Leak in Active Storage | medium | 2024-02-21T00:00:00 (7 months ago) |