CVE Tracker
Track known exploited vulnerabilities, CISA KEV alerts, and linked threat intelligence.
2,234
Total CVEs
1,589
CISA KEV
41
Known Exploits
8.8
Avg CVSS Score
Showing 3 of 3 CVEs matching "Rails"
CVE-2019-5418KEV
High
Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents.
RailsEPSS 94.3%
CVE-2016-0752KEV
High
Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
RailsEPSS 92.7%
CVE-2014-0130KEV
High
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
RailsEPSS 45.4%