from 0, < 5.0.1

| Severity | Score | CVE | Title | Affected versions |
|---|---|---|---|---|
| HIGH | 7.5 | CVE-2024-26142 | Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch | >= 7.1.0, < 7.1.4 |
| MEDIUM | 6.1 | CVE-2024-32464 | ActionText ContentAttachment can Contain Unsanitized HTML | >= 7.1.0, < 7.1.4 |
| MEDIUM | 6.1 | | Rails Possible XSS Vulnerability in Action Controller | >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.4 |
| MEDIUM | 6.1 | | actionpack Open Redirect in Host Authorization Middleware | >= 7.0.0-rc2, <= 7.0.0-rc2 |
| MEDIUM | 5.4 | | Action Pack is missing security headers on non-HTML responses | >= 6.1.0, < 6.1.8, >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.4 |
| MEDIUM | 5.4 | | A vulnerability classified as problematic has been found in Ruby on Rails. | |
| MEDIUM | 5.3 | | Possible Sensitive Session Information Leak in Active Storage | >= 5.2.0, < 6.1.8, >= 7.0.0, < 7.0.9 |
| — | | | Possible Content Security Policy bypass in Action Dispatch | >= 5.2.0, < 7.0.9, >= 7.1.0, < 7.1.4, >= 7.2.0, < 7.2.2-2-0, >= 8.0.0, < 8.0.1 |
| — | | | Action Mailer has possible ReDoS vulnerability in block_format | >= 3.0.0, < 6.1.8, >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.4, >= 7.2.0, < 7.2.2 |
| — | | | Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node | >= 6.0.0, < 6.1.8, >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.4, >= 7.2.0, < 7.2.2 |
| — | | | Action Controller has possible ReDoS vulnerability in HTTP Token authentication | >= 4.0.0, < 6.1.8, >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.5, >= 7.2.0, < 7.2.2 |
| — | | | Action Dispatch has possible ReDoS vulnerability in query parameter filtering | >= 3.1.0, < 6.1.8, >= 7.0.0, < 7.0.9, >= 7.1.0, < 7.1.4, >= 7.2.0, < 7.2.2 |