pkg:RubyGems/activesupport

All known vulnerabilities

• CRITICAL9.8CVE-2020-8165ActiveSupport potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
  >= 5.0.0, < 5.2.4.3
• HIGH7.5CVE-2026-33176Rails Active Support has a possible DoS vulnerability in its number helpers
  >= 8.1.0.beta1, < 8.1.2.1
• HIGH7.5CVE-2023-22796ReDoS based DoS vulnerability in Active Support's underscore
  from 0, < 6.1.7.1
• MEDIUM6.1Rails Active Support has a possible XSS vulnerability in SafeBuffer#%
  >= 8.1.0.beta1, < 8.1.2.1
• MEDIUM5.5Active Support Possibly Discloses Locally Encrypted Files
  >= 5.2.0, < 6.1.7.5
• MEDIUM5.3Rails Active Support has a possible ReDoS vulnerability in number_to_delimited
  >= 8.1.0.beta1, < 8.1.2.1
• MEDIUM5.3Possible XSS Security Vulnerability in SafeBuffer#bytesplice
  >= 7.0.0, < 7.0.4.3
• —rails - several
  >= 2.1.0, < 2.2.3
• —rails - several
  >= 2.0.0, < 2.3.13
• —rails - cross-site scripting
  >= 2.0.0, < 2.2.3
• —rails Cross-site Scripting vulnerability
  >= 2.0.0, < 2.3.12
• —activesupport Cross-site Scripting vulnerability
  >= 3.0.0, < 3.0.12
• —activesupport Improper Input Validation vulnerability
  >= 3.0.0, < 3.1.12
• —rails - insufficient input validation
  >= 2.3.2, < 2.3.16
• —activesupport Cross-site Scripting vulnerability
  >= 3.0.0.beta, < 3.0.17
• —rails - security update
  >= 4.1.0, < 4.1.11
• —ruby-activesupport-3.2 - security update
  >= 4.0.0.beta1, < 4.1.11