Actionpackproject Actionpack
By the Year
In 2023 there have been 1 vulnerability in Actionpackproject Actionpack with an average score of 6.1 out of ten. Actionpack did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 6.10 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Actionpack vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Actionpackproject Actionpack Security Vulnerabilities
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects
CVE-2023-22797
6.1 - Medium
- February 09, 2023
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.
Open Redirect
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Actionpackproject Actionpack or by Actionpackproject? Click the Watch button to subscribe.
