Total vulnerabilities in the database
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
Software | From | Fixed in |
---|---|---|
rubyonrails / rails | - | 5.2.2.1 |
rubyonrails / rails | 6.0.0-beta1 | 6.0.0-beta1.x |
rubyonrails / rails | 6.0.0-beta2 | 6.0.0-beta2.x |
debian / debian_linux | 8.0 | 8.0.x |
fedoraproject / fedora | 30 | 30.x |
![]() |
5.2.0 | 5.2.2.1 |