Rails


reports in last 90 days
33 disclosed resolved issues
1 disclosed informative issue
0 disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Time to triage | Time to close | Report Status |
|---|---|---|---|---|---|---|
| Medium | Validation bypass for Active Record and Active Model | Violation of Secure Design Principles | backus | 19 days 9 hours | 0 days 7 hours | Resolved |
| High | JSON keys are not properly escaped | Cross-site Scripting (XSS) - Generic | einstein_ | 125 days 16 hours | 1 day 1 hour | Resolved |
| High | Explicit, dynamic render path: Dir. Trav + RCE | Code Injection | forced-request | 8 days 23 hours | 349 days 11 hours | Resolved |
| High | Nested attributes reject_if proc can be circumvented by providing "_destroy" parameter | None supplied | jcoyne | 122 days 2 hours | 0 days 7 hours | Resolved |
| No rating | http_basic_authenticate_with is susceptible to timing attacks. | Improper Authentication - Generic | d_w | 9 days 9 hours | 89 days 5 hours | Resolved |
| No rating | Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass | None supplied | joernchen | 0 days 13 hours | 85 days 15 hours | Resolved |
| No rating | Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View | Code Injection | jyotisingh | 0 days 9 hours | 28 days 0 hours | Resolved |
| No rating | Remote code execution using render :inline | Code Injection | kratob2 | 0 days 0 hours | 28 days 0 hours | Resolved |
| High | ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService | Information Disclosure | rosa | 19 days 21 hours | 61 days 3 hours | Resolved |
| High | RCE which may occur due to `ActiveSupport::MessageVerifier` or `ActiveSupport::MessageEncryptor` (especially Active Storage) | Command Injection - Generic | ooooooo_q | 35 days 14 hours | 35 days 0 hours | Resolved |
| Medium | Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS | None supplied | bjeanes | 1 day 21 hours | 3 days 23 hours | Resolved |
| No rating | Validation bypass for queries generated for PostgreSQL | None supplied | ooooooo_q | Issue was not triaged | 98 days 6 hours | Resolved |
| Medium | Path Traversal on Default Installed Rails Application (Asset Pipeline) | Path Traversal | orange | 0 days 1 hour | 148 days 3 hours | Resolved |
| Medium | XSS vulnerability in sanitize-method when parsing link's href | Cross-site Scripting (XSS) - Generic | kaarloh | 0 days 3 hours | 1 day 0 hours | Resolved |
| No rating | Denial of Service in Action Pack Exception Handling | Denial of Service | ff7f00 | 0 days 2 hours | 159 days 20 hours | Resolved |
| No rating | Data-Tags and the New HTML Sanitizer Subverts CSRF protection | Cross-site Scripting (XSS) - Generic | benmmurphy | 383 days 17 hours | 0 days 7 hours | Resolved |