It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-47889)
It was discovered that Rails did not correctly handle parsing block quotes in rich text content. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2024-47888)
It was discovered that Rails did not correctly handle parsing HTTP token authentication headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-47887)
It was discovered that Rails did not correctly handle parsing query parameters in web requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-41128)
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "rails" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-actionmailer" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-actionpack" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-actionview" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-activejob" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-activemodel" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-activerecord" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-activesupport" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-rails" }, { "binary_version": "2:4.2.6-1ubuntu0.1~esm1", "binary_name": "ruby-railties" } ] }
{ "cves_map": { "cves": [ { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-41128" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47887" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47888" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47889" } ], "ecosystem": "Ubuntu:Pro:16.04:LTS" } }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "rails" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-actionmailer" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-actionpack" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-actionview" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-activejob" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-activemodel" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-activerecord" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-activesupport" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-rails" }, { "binary_version": "2:4.2.10-0ubuntu4+esm1", "binary_name": "ruby-railties" } ] }
{ "cves_map": { "cves": [ { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-41128" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47887" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47888" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47889" } ], "ecosystem": "Ubuntu:Pro:18.04:LTS" } }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "rails" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-actioncable" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-actionmailer" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-actionpack" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-actionview" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-activejob" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-activemodel" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-activerecord" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-activestorage" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-activesupport" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-rails" }, { "binary_version": "2:5.2.3+dfsg-3ubuntu0.1~esm1", "binary_name": "ruby-railties" } ] }
{ "cves_map": { "cves": [ { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-41128" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47887" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47888" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47889" } ], "ecosystem": "Ubuntu:Pro:20.04:LTS" } }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "rails" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actioncable" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actionmailbox" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actionmailer" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actionpack" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actiontext" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-actionview" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-activejob" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-activemodel" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-activerecord" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-activestorage" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-activesupport" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-rails" }, { "binary_version": "2:6.1.4.1+dfsg-8ubuntu2+esm1", "binary_name": "ruby-railties" } ] }
{ "cves_map": { "cves": [ { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-41128" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47887" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47888" }, { "severity": [ { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-47889" } ], "ecosystem": "Ubuntu:Pro:22.04:LTS" } }