CVE-2022-44566
Given a value outside the range of a 64-bit signed integer type,
PostgreSQL will treat the column type as numeric. Comparing
integer values against numeric values can result in a slow
sequential scan.
This behavior is configurable via
ActiveRecord::Base.raise_int_wider_than_64bit, which
defaults to true.
CVE-2023-28362
The redirect_to method in Rails allows provided values
to contain characters which are not legal in an HTTP header
value. This results in the potential for downstream services
which enforce RFC compliance on HTTP response headers to remove
the assigned Location header.
CVE-2023-38037
ActiveSupport::EncryptedFile writes contents that will be
encrypted to a temporary file. The temporary file's permissions
are defaulted to the user's current `umask` settings, meaning
that it's possible for other users on the same system to read
the contents of the temporary file. Attackers that have access
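The permission problem behind CVE-2023-38037, shown as an added Ruby example (not Rails code and not part of the advisory): a scratch file written with the default mode inherits the process umask, while a file opened with an explicit 0600 mode and File::EXCL stays owner-only. The file names, the umask value and the "secret" contents are constructed for the demo.

```ruby
require "tmpdir"

# Mode bits of a file, masked down to the owner/group/other permission bits.
def permission_bits(path)
  File.stat(path).mode & 0o777
end

# Weak pattern: the file is created with the default mode (0666 masked by the
# process umask). With a common umask of 0022 the plaintext ends up
# world-readable, which is the condition the advisory describes.
def write_scratch_default(path, contents)
  File.binwrite(path, contents)
  permission_bits(path)
end

# Hardened pattern: create the file owner-read/write only (0600) and refuse to
# reuse an existing path (File::EXCL), so permissions cannot be inherited from a
# file that another local user placed at that name beforehand.
def write_scratch_private(path, contents)
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.binmode
    f.write(contents)
  end
  # umask can only clear bits, never add them, but pin the mode explicitly anyway.
  File.chmod(0o600, path)
  permission_bits(path)
end

# True when the group or other read bit is set, i.e. other local users can read it.
def readable_by_others?(mode)
  (mode & 0o044) != 0
end

# Runs both patterns in a private temporary directory under a constructed umask
# of 0022 and returns the resulting mode bits of each file.
def demo
  Dir.mktmpdir("encrypted-file-demo") do |dir|
    old_umask = File.umask(0o022)
    begin
      weak = write_scratch_default(File.join(dir, "weak.tmp"), "secret")
      safe = write_scratch_private(File.join(dir, "safe.tmp"), "secret")
      { weak: weak, safe: safe }
    ensure
      File.umask(old_umask)
    end
  end
end
```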