| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Ruby Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0256)
|
CVE-2013-0256
CWE-707
|
CWE-707
|
Medium
|
|
Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2011-3624)
|
CVE-2011-3624
CWE-138
|
CWE-138
|
Medium
|
|
Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-16254)
|
CVE-2019-16254
CWE-138
|
CWE-138
|
Medium
|
|
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4164)
|
CVE-2013-4164
CWE-119
|
CWE-119
|
Medium
|
|
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-4975)
|
CVE-2014-4975
CWE-119
|
CWE-119
|
Medium
|
|
Ruby Numeric Errors Vulnerability (CVE-2009-1904)
|
CVE-2009-1904
|
|
Medium
|
|
Ruby Numeric Errors Vulnerability (CVE-2011-0188)
|
CVE-2011-0188
|
|
Medium
|
|
Ruby on Rails Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-6077)
|
CVE-2007-6077
CWE-362
|
CWE-362
|
Medium
|
|
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5189)
|
CVE-2008-5189
CWE-352
|
CWE-352
|
Medium
|
|
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0447)
|
CVE-2011-0447
CWE-352
|
CWE-352
|
Medium
|
|
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)
|
CVE-2020-8166
CWE-352
|
CWE-352
|
Medium
|
|
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8167)
|
CVE-2020-8167
CWE-352
|
CWE-352
|
Medium
|
|
Ruby on Rails CVE-2015-3227 Vulnerability (CVE-2015-3227)
|
CVE-2015-3227
|
|
Medium
|
|
Ruby on Rails CVE-2018-16477 Vulnerability (CVE-2018-16477)
|
CVE-2018-16477
|
|
Medium
|
|
Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)
|
CVE-2022-23633
|
|
Medium
|
|
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
|
CVE-2022-23634
|
|
Medium
|
|
Ruby on Rails Data Processing Errors Vulnerability (CVE-2014-3916)
|
CVE-2014-3916
|
|
Medium
|
|
Ruby on Rails Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3086)
|
CVE-2009-3086
CWE-200
|
CWE-200
|
Medium
|
|
Ruby on Rails Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6497)
|
CVE-2012-6497
CWE-200
|
CWE-200
|
Medium
|
|
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
|
CVE-2015-7577
CWE-284
|
CWE-284
|
Medium
|
|
Ruby on Rails Improper Authentication Vulnerability (CVE-2012-3424)
|
CVE-2012-3424
CWE-287
|
CWE-287
|
Medium
|
|
Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3186)
|
CVE-2011-3186
CWE-94
|
CWE-94
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2008-7248)
|
CVE-2008-7248
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2010-3933)
|
CVE-2010-3933
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-2929)
|
CVE-2011-2929
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-3187)
|
CVE-2011-3187
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-1854)
|
CVE-2013-1854
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-1856)
|
CVE-2013-1856
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-3221)
|
CVE-2013-3221
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-6414)
|
CVE-2013-6414
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2014-0082)
|
CVE-2014-0082
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)
|
CVE-2016-0753
CWE-20
|
CWE-20
|
Medium
|
|
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-0130)
|
CVE-2014-0130
CWE-22
|
CWE-22
|
Medium
|
|
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7818)
|
CVE-2014-7818
CWE-22
|
CWE-22
|
Medium
|
|
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7829)
|
CVE-2014-7829
CWE-22
|
CWE-22
|
Medium
|
|
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-2097)
|
CVE-2016-2097
CWE-22
|
CWE-22
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-3227)
|
CVE-2007-3227
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3009)
|
CVE-2009-3009
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4214)
|
CVE-2009-4214
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0446)
|
CVE-2011-0446
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1497)
|
CVE-2011-1497
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2197)
|
CVE-2011-2197
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2931)
|
CVE-2011-2931
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2932)
|
CVE-2011-2932
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4319)
|
CVE-2011-4319
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1098)
|
CVE-2012-1098
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1099)
|
CVE-2012-1099
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3463)
|
CVE-2012-3463
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3464)
|
CVE-2012-3464
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3465)
|
CVE-2012-3465
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1855)
|
CVE-2013-1855
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1857)
|
CVE-2013-1857
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4491)
|
CVE-2013-4491
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6415)
|
CVE-2013-6415
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6416)
|
CVE-2013-6416
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)
|
CVE-2014-0081
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3226)
|
CVE-2015-3226
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6316)
|
CVE-2016-6316
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8264)
|
CVE-2020-8264
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)
|
CVE-2024-32464
CWE-707
|
CWE-707
|
Medium
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)
|
CVE-2012-2661
CWE-138
|
CWE-138
|
Medium
|
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-0080)
|
CVE-2014-0080
CWE-138
|
CWE-138
|
Medium
|
|
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)
|
CVE-2010-3299
CWE-311
|
CWE-311
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
|
CVE-2012-2660
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
|
CVE-2012-2694
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)
|
CVE-2013-0155
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)
|
CVE-2013-0276
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
|
CVE-2013-6417
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Running in Development Mode
|
CWE-200
|
CWE-200
|
Medium
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)
|
CVE-2020-8185
CWE-400
|
CWE-400
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
|
CVE-2021-22881
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)
|
CVE-2021-22903
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
|
CVE-2021-22942
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
|
CVE-2021-44528
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)
|
CVE-2023-22797
CWE-601
|
CWE-601
|
Medium
|
