DSA-5372-1
- Source
- https://storage.googleapis.com/debian-osv/dsa-osv/DSA-5372-1.json
- Aliases
-
- CVE-2021-22942 ( GHSA-2rqw-v265-jf8c )
- CVE-2021-44528 ( GHSA-qphc-hf5q-v8fc )
- CVE-2022-21831 ( DLA-3093-1, GHSA-w749-p3v6-hccq )
- CVE-2022-22577 ( DLA-3093-1, GHSA-mm33-5vfq-3mm3 )
- CVE-2022-23633 ( DLA-3093-1, GHSA-wh98-p28r-vrc9 )
- CVE-2022-27777 ( DLA-3093-1, GHSA-ch3h-j2vf-95pv )
- CVE-2023-22792 ( GHSA-p84v-45xj-wwqj )
- CVE-2023-22794 ( GHSA-hq7p-j377-6v63 )
- CVE-2023-22795 ( GHSA-8xww-x3g3-6jcv )
- CVE-2023-22796 ( GHSA-j6gc-792m-qgm2 )
- Published
- 2023-03-13T00:00:00Z
- Modified
- 2023-03-14T01:20:28.472284Z
- Details
-
Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.
For the stable distribution (bullseye), these problems have been fixed in version 2:6.0.3.7+dfsg-2+deb11u1.
We recommend that you upgrade your rails packages.
For the detailed security status of rails please refer to its security tracker page at: \ https://security-tracker.debian.org/tracker/rails
- References