Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.
For the stable distribution (bullseye), these problems have been fixed in version 2:6.0.3.7+dfsg-2+deb11u1.
We recommend that you upgrade your rails packages.
For the detailed security status of rails please refer to its security tracker page at: \ https://security-tracker.debian.org/tracker/rails