VYPR

apk package

chainguard/ruby3.2-rails-8.1

pkg:apk/chainguard/ruby3.2-rails-8.1

Vulnerabilities (25)

  • CVE-2026-54906lowJun 19, 2026
    affected < 8.1.3-r6fixed 8.1.3-r6

    ### Summary `Concurrent::ReadWriteLock#release_write_lock` does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while

  • CVE-2026-54905lowJun 19, 2026
    affected < 8.1.3-r6fixed 8.1.3-r6

    ### Summary `Concurrent::ReentrantReadWriteLock` can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is u

  • CVE-2026-54904higJun 19, 2026
    affected < 8.1.3-r6fixed 8.1.3-r6

    ### Summary `Concurrent::AtomicReference#update` can enter a permanent busy retry loop when the current value is `Float::NAN`. The issue is caused by the interaction between: - `AtomicReference#update`, which retries until `compare_and_set(old_value, new_value)` succeeds. - Nume

  • CVE-2026-47242Jun 9, 2026
    affected < 8.1.3-r5fixed 8.1.3-r5

    ### Summary Two `Net::IMAP` commands, `#id` and `#enable`, do not validate their arguments. Arguments to either command could be used by an attacker to inject arbitrary IMAP commands. Please note that passing untrusted inputs to these commands is usually inappropriate and expe

  • CVE-2026-47241lowJun 9, 2026
    affected < 8.1.3-r5fixed 8.1.3-r5

    ### Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the fir

  • CVE-2026-47240Jun 9, 2026
    affected < 8.1.3-r5fixed 8.1.3-r5

    Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing lite

  • CVE-2026-42258CriMay 9, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issu

  • CVE-2026-42257CriMay 9, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived fro

  • CVE-2026-42256MedMay 9, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a com

  • CVE-2026-42246HigMay 9, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in

  • CVE-2026-42245HigMay 9, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send

  • CVE-2026-41316HigApr 24, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable guard in `ERB#result` and `ERB#run` to prevent code execution when an ERB object is reconstructed via `Marshal.load` (deserialization). Howeve

  • CVE-2026-39324CriApr 7, 2026
    affected < 8.1.3-r3fixed 8.1.3-r3

    Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of reject

  • CVE-2026-33202Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys directly to `Dir.glob` without escaping glob metacharacters. If a blob key contains

  • CVE-2026-33195Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#path_for` does not validate that the resolved filesystem path remains within the storage root directory. If a blob key

  • CVE-2026-33176Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept strings containing scientific notation (e.g. `1e10000`), which `BigDecimal` expands

  • CVE-2026-33174Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when serving files through Active Storage's proxy delivery mode, the proxy controller loads the entire requested byte range into memory before sendi

  • CVE-2026-33173Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `DirectUploadsController` accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like `identified` and `anal

  • CVE-2026-33168LowMar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed

  • CVE-2026-33170Mar 23, 2026
    affected < 8.1.3-r0fixed 8.1.3-r0

    Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@html_unsafe` flag to the newly created buffer. If a `SafeBuffer` is mutated in pl

Page 1 of 2