By the Year
In 2023 there have been 1 vulnerability in Actionpackproject Actionpack with an average score of 6.1 out of ten. Actionpack did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
It may take a day or so for new Actionpack vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Actionpackproject Actionpack Security Vulnerabilities
An open redirect vulnerability is fixed in Rails 220.127.116.11 with the new protection against open redirects
6.1 - Medium
- February 09, 2023
An open redirect vulnerability is fixed in Rails 18.104.22.168 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.