Package impact
RubyGems / actionview
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-27777 | high | — | 8.0 | 4y ago | A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. | |||
| CVE-2026-33168 | low | — | 2.5 | 2mo ago | Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in… | |||
| CVE-2019-5418 | unknown | — | 2.5 | 7y ago | Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server… | |||
| CVE-2016-0752 | unknown | — | 2.5 | 11y ago | Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files. |