Oct 15 CVE-2024-47889 (actionmailer): Possible ReDoS vulnerability in block_format in Action Mailer posted in •
Oct 15 CVE-2024-47888 (actiontext): Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text posted in •
Oct 15 CVE-2024-47887 (actionpack): Possible ReDoS vulnerability in HTTP Token authentication in Action Controller posted in •
Oct 15 CVE-2024-41128 (actionpack): Possible ReDoS vulnerability in query parameter filtering in Action Dispatch posted in •
Oct 02 CVE-2024-46977 (openc3): OpenC3 Path Traversal via screen controller (`GHSL-2024-127`) posted in •
Oct 02 CVE-2024-43795 (openc3): OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`) posted in •
Oct 01 CVE-2024-41673 (decidim): Decidim has a cross-site scripting vulnerability in the version control page posted in •
Sep 25 GHSA-75j2-9gmc-m855 (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) posted in •