Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 2.3.11 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-3186
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x prior to 2.3.13 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header.
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
4.3
CVSSv2
CVE-2011-4319
Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x prior to 3.0.11 and 3.1.x prior to 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote malicious users to inject arbitrary web script or HTML via vectors relat...
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.1
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
4.3
CVSSv2
CVE-2011-2197
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x prior to 2.3.12, 3.0.x prior to 3.0.8, and 3.1.x prior to 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote malicious users to conduct XSS attacks via crafted string...
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.0.0
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.4
7.5
CVSSv2
CVE-2011-2930
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allow remote malicious users to execute ...
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.0.0
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
4.3
CVSSv2
CVE-2011-2931
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allows remote malicious users to inject arbitrary web scrip...
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.0.0
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
4.3
CVSSv2
CVE-2011-2932
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allows remote malicious users to inject arbitrary web script or HTML via a malfo...
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.0.0
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
7.5
CVSSv2
CVE-2013-0333
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x prior to 2.3.16 and 3.0.x prior to 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote malicious users to execute arbitrary code, conduct SQL injection attacks...
Rubyonrails Rails 2.3.0
Rubyonrails Rails 2.3.1
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.13
Rubyonrails Rails 2.3.14
Rubyonrails Rails 2.3.15
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.14
1 EDB exploit
3 Github repositories
4.3
CVSSv2
CVE-2013-0276
ActiveRecord in Ruby on Rails prior to 2.3.17, 3.1.x prior to 3.1.11, and 3.2.x prior to 3.2.12 allows remote malicious users to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.
Rubyonrails Rails 3.2.0
Rubyonrails Rails 3.2.7
Rubyonrails Rails 3.2.8
Rubyonrails Rails 3.2.9
Rubyonrails Rails 3.2.1
Rubyonrails Rails 3.2.5
Rubyonrails Rails 3.2.6
Rubyonrails Rails 3.2.10
Rubyonrails Rails 3.2.11
Rubyonrails Rails 3.2.2
Rubyonrails Rails 3.2.3
Rubyonrails Rails 3.2.4
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.3
Rubyonrails Rails 3.1.6
Rubyonrails Rails 3.1.7
Rubyonrails Rails 3.1.8
Rubyonrails Rails 3.1.9
3 Github repositories
10
CVSSv2
CVE-2013-0277
ActiveRecord in Ruby on Rails prior to 2.3.17 and 3.x prior to 3.1.0 allows remote malicious users to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.14
Rubyonrails Rails 3.0.16
Rubyonrails Rails 3.0.17
Rubyonrails Rails 3.0.18
Rubyonrails Rails 3.0.19
Rubyonrails Rails 3.0.20
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.9
Rubyonrails Rails 2.3.0
5
CVSSv2
CVE-2013-1854
The Active Record component in Ruby on Rails 2.3.x prior to 2.3.18, 3.1.x prior to 3.1.12, and 3.2.x prior to 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote malicious users to cause a denial of service via crafted input to a where method.
Rubyonrails Ruby On Rails 2.3.17
Rubyonrails Ruby On Rails 3.1.11
Rubyonrails Rails 2.3.0
Rubyonrails Rails 2.3.1
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.13
Rubyonrails Rails 2.3.14
Rubyonrails Rails 2.3.15
Rubyonrails Rails 2.3.16
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.2.0
Rubyonrails Rails 3.2.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »