Active Storage
1 CVEs
product
Monthly
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
RCE
Code Injection
Active Storage
Debian Linux
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2022-21831
Ruby
EPSS 3%
CVSS 9.8
CRITICAL
PATCH
Act Now
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
RCE
Code Injection
Active Storage
+1
NVD
GitHub