Lucene search
HackeroneCVELIST:CVE-2022-21831HistoryMay 26, 2022 - 12:00 a.m.
CVE-2022-21831
2022-05-2600:00:00
CWE-94
hackerone
www.cve.org
2
code injection
active storage
vulnerability
image processing
executable code
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
CNA Affected
[
{
"vendor": "n/a",
"product": "https://github.com/rails/rails",
"versions": [
{
"version": "7.0.2.3, 6.1.4.7, 6.0.4.7, 5.2.6.3",
"status": "affected"
}
]
}
]Related
hackerone
hackerone
gitlab
gitlab
Duplicate of ./gem/activestorage/CVE-2022-21831.yml
2022-03-08 00:00:00
Improper Control of Generation of Code ('Code Injection')
2022-05-26 00:00:00
osv
osv
Possible code injection vulnerability in Rails / Active Storage
2022-03-08 21:25:54
rails - security update
2022-09-03 00:00:00
rails - security update
2023-03-13 00:00:00
prion
prion
Code injection
2022-05-26 17:15:00
cve
cve
CVE-2022-21831
2022-05-26 17:15:09
ubuntucve
ubuntucve
CVE-2022-21831
2022-05-26 00:00:00
veracode
veracode
Arbitrary Code Injection
2022-03-09 10:16:43
ibm
ibm
nvd
nvd
CVE-2022-21831
2022-05-26 17:15:09
debiancve
debiancve
CVE-2022-21831
2022-05-26 17:15:09
github
github
Possible code injection vulnerability in Rails / Active Storage
2022-03-08 21:25:54
redhatcve
redhatcve
CVE-2022-21831
2022-03-16 13:57:33
rubygems
rubygems
Possible code injection vulnerability in Rails / Active Storage
2022-03-07 21:00:00
nessus
nessus
Debian DLA-3093-1 : rails - LTS security update
2022-09-13 00:00:00
Debian DSA-5372-1 : rails - security update
2023-03-14 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3093-1)
2022-09-04 00:00:00
Debian: Security Advisory (DSA-5372-1)
2023-03-14 00:00:00
debian
debian
[SECURITY] [DLA 3093-1] rails security update
2022-09-03 11:34:10
[SECURITY] [DSA 5372-1] rails security update
2023-03-13 03:06:47