VIR Vulnerability Intelligence Relay

Package impact

ruby RubyGems / actionview

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2016-6316 medium 6.1 6.1 10y ago Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or… susedebianruby
CVE-2016-2097 medium 5.3 5.3 10y ago Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted u… susedebianruby
CVE-2011-0446 medium 4.3 9y ago Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbi… debianruby
CVE-2026-33168 low 2.5 2mo ago Rails has a possible XSS vulnerability in its Action View tag helpers susedebianruby