The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Authentication Bypass
Rails
Ruby On Rails
NVD
CVSS 3.0
3.7
EPSS
1.6%