Skip to main content

Active Storage

1 CVEs product

Monthly

CVE-2022-21831 Ruby CRITICAL PATCH Act Now

A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Code Injection Active Storage Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Code Injection Active Storage +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy