VYPR

RubyGems package

railties

pkg:gem/railties

Vulnerabilities (1)

  • CVE-2019-5420Mar 27, 2019
    affected >= 5.2.0, < 5.2.2.1fixed 5.2.2.1

    A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code ex