VYPR

apk package

chainguard/gitlab-rails-ce-18.10

pkg:apk/chainguard/gitlab-rails-ce-18.10

Vulnerabilities (68)

  • CVE-2026-33202 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys directly to `Dir.glob` without escaping glob metacharacters. If a blob key contains

  • CVE-2026-33195 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#path_for` does not validate that the resolved filesystem path remains within the storage root directory. If a blob key
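    The two Active Storage entries above (CVE-2026-33202 and CVE-2026-33195) describe the same class of bug in a disk-backed store: a blob key is used to build a filesystem path or a glob pattern without first neutralising what the key can contain. The following is an added example, not Rails or Active Storage code; `SafeDiskStore`, its method names and the sample file names are illustrative assumptions. It shows a `delete_prefixed` that escapes glob metacharacters next to the unsafe pattern, and a `path_for` that refuses keys resolving outside the storage root.

```ruby
require "tmpdir"
require "fileutils"

# Added example (not Rails code): a minimal disk store in the spirit of
# Active Storage's DiskService. Names here are illustrative assumptions.
class SafeDiskStore
  # Characters Dir.glob treats specially; a backslash escapes the next one.
  GLOB_META = /[*?\[\]{}\\]/

  def initialize(root)
    @root = File.expand_path(root)
  end

  # Resolve a key to a path and refuse anything that escapes @root.
  # File.join neutralises a leading "/", File.expand_path collapses "..",
  # and the prefix check rejects whatever still lands outside the root.
  def path_for(key)
    path = File.expand_path(File.join(@root, key))
    unless path.start_with?(@root + File::SEPARATOR)
      raise ArgumentError, "key escapes storage root: #{key.inspect}"
    end
    path
  end

  # Vulnerable pattern: the raw key becomes part of the glob pattern, so a
  # key such as "*" or "[ab]" widens the match far beyond the intended prefix.
  def delete_prefixed_unsafe(prefix)
    Dir.glob(File.join(@root, "#{prefix}*")).each { |f| File.delete(f) if File.file?(f) }
  end

  # Hardened: escape glob metacharacters so the key only matches literally.
  # (A root containing metacharacters would need the same treatment.)
  def delete_prefixed(prefix)
    escaped = prefix.gsub(GLOB_META) { |m| "\\#{m}" }
    Dir.glob(File.join(@root, "#{escaped}*")).each { |f| File.delete(f) if File.file?(f) }
  end
end

# Constructed scenario: three blobs, then a hostile prefix of "*".
# Returns the files that survive.
def glob_demo(hardened)
  Dir.mktmpdir("store") do |dir|
    store = SafeDiskStore.new(dir)
    %w[abc-1 abc-2 xyz-1].each { |n| File.write(File.join(dir, n), "blob") }
    if hardened
      store.delete_prefixed("*")         # literal "*": no such key, nothing removed
    else
      store.delete_prefixed_unsafe("*")  # wildcard: every blob removed
    end
    Dir.children(dir).sort
  end
end

# Constructed scenario: does path_for reject the given key?
def traversal_rejected?(key)
  Dir.mktmpdir("store") do |dir|
    begin
      SafeDiskStore.new(dir).path_for(key)
      false
    rescue ArgumentError
      true
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  p glob_demo(false)                        # []
  p glob_demo(true)                         # ["abc-1", "abc-2", "xyz-1"]
  p traversal_rejected?("../../etc/passwd") # true
  p traversal_rejected?("abc-1")            # false
end
```

The containment check compares against the expanded root plus a separator so that a sibling directory whose name merely starts with the root's name (`/srv/storage-old` next to `/srv/storage`) is also rejected.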

  • CVE-2026-33176 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation (e.g. `1e10000`), which `BigDecimal` expands

  • CVE-2026-33173 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `DirectUploadsController` accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like `identified` and `anal

  • CVE-2026-33168 (severity: Low; Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed

  • CVE-2026-33170 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@html_unsafe` flag to the newly created buffer. If a `SafeBuffer` is mutated in pl

  • CVE-2026-33169 (Mar 23, 2026)
    affected: < 18.10.3-r1; fixed: 18.10.3-r1

    Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the i
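    Both Active Support number-helper entries (CVE-2026-33176 above and CVE-2026-33169 here) concern what happens when a caller-supplied string reaches the formatting code unchecked: `BigDecimal` will happily expand `1e10000` into a ten-thousand-digit string, and the delimiter pass then runs a `gsub!` with a lookahead regex over it. The page's description of the second issue is cut off, so the example below only illustrates the shape of a defensive alternative. It is an added example, not Active Support code; the limit `MAX_DIGITS`, the `PLAIN_NUMBER` pattern and the function names are assumptions. It rejects exponent notation before any expansion happens and inserts thousands separators with a plain scan instead of a backtracking regex.

```ruby
require "bigdecimal"

# Added example, not Active Support code. Names and limits are assumptions.
MAX_DIGITS = 64                       # assumed application-level bound
PLAIN_NUMBER = /\A-?\d+(\.\d+)?\z/    # digits only: no exponent, no spaces

# Length of the fully expanded decimal form. This is the cost the exponent
# guard exists to avoid: "1e10000" expands to more than 10,000 characters.
def expanded_length(str)
  BigDecimal(str).to_s("F").length
end

# Insert thousands delimiters with a single backwards grouping pass rather
# than a lookahead regex + gsub!. Input is validated first, so the loop only
# ever sees a bounded, digits-only string.
def safe_number_to_delimited(str, delimiter: ",", separator: ".")
  raise ArgumentError, "not a plain decimal: #{str.inspect}" unless str.match?(PLAIN_NUMBER)
  raise ArgumentError, "too many digits" if str.length > MAX_DIGITS

  sign = str.start_with?("-") ? "-" : ""
  int, frac = str.delete_prefix("-").split(".", 2)

  digits = int.chars
  groups = []
  groups.unshift(digits.pop(3).join) until digits.empty?  # pop up to 3 from the right

  out = sign + groups.join(delimiter)
  frac ? "#{out}#{separator}#{frac}" : out
end

# Returns true if the helper refused the input instead of expanding it.
def rejected?(str)
  safe_number_to_delimited(str)
  false
rescue ArgumentError
  true
end

if __FILE__ == $PROGRAM_NAME
  p safe_number_to_delimited("1234567.891")   # "1,234,567.891"
  p safe_number_to_delimited("-1000")         # "-1,000"
  p rejected?("1e10000")                      # true: never reaches BigDecimal
  p expanded_length("1e300") > 300            # true: what the guard avoids
end
```

`expanded_length` is included only to make the cost visible on a moderate exponent; in real code the point is that the validation happens before `BigDecimal` (or any other expanding conversion) is ever called on untrusted input.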

  • CVE-2025-15558 (Mar 4, 2026)
    affected: < 0; fixed: 0

    Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are

Page 4 of 4