Risk Scores
EPSS Score
0.52%
66.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| IBM | IBM License Metric Tool | |
| Open Source | Open Source Ruby on Rails <7.2.1.1 | |
| Open Source | Open Source Ruby on Rails <6.1.7.9 | |
| SUSE | SUSE Linux | |
| Debian | Debian Linux | |
| SUSE | SUSE openSUSE | |
| Open Source | Open Source Ruby on Rails <7.1.4.1 | |
| Open Source | Open Source Ruby on Rails <7.0.8.5 | |
| Open Source | Open Source Ruby on Rails <8.0.0.beta1 |
Timeline
- CVE Published
- Jan 21, 1970 Security Advisory
- Oct 16, 2024 Coalition ESS Score
- Oct 17, 2024 EPSS Score
- Oct 18, 2024 Coalition ESS Score
- Nov 4, 2024 EPSS Score
- Nov 22, 2024 EPSS Score
- Nov 28, 2024 PoC Published
- Dec 11, 2024 EPSS Score
- Dec 29, 2024 EPSS Score
- Jan 16, 2025 EPSS Score
- Feb 3, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3205.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3205 advisory
- https://rubyonrails.org/2024/10/15/Rails-Versions-7-0-8-5-7-1-4-1-and-7-2-1-1-have-been-released advisory
- https://discuss.rubyonrails.org/t/cve-2024-47887-possible-redos-vulnerability-in-http-token-authentication-in-action-controller/87698 advisory
- https://discuss.rubyonrails.org/t/cve-2024-41128-possible-redos-vulnerability-in-query-parameter-filtering-in-action-dispatch/87699 advisory
- https://discuss.rubyonrails.org/t/cve-2024-47888-possible-redos-vulnerability-in-plain-text-for-blockquote-node-in-action-text/87696 advisory
- https://discuss.rubyonrails.org/t/cve-2024-47889-possible-redos-vulnerability-in-block-format-in-action-mailer/87695 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-November/019753.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-November/019752.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2ZXD3WUVCXVEO5FFUTSYTZJ7QX6AZ2IV/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E5RFF3ZIT4H2PQE3C2J6GEEUHXNGWLFM/ advisory
- https://www.ibm.com/support/pages/node/7178365 advisory
- https://ubuntu.com/security/notices/USN-7290-1 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4B3C7EQABILQDJAY4PQHNY5OARLFZ6WA/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3C5WPU2RXUSPKAI3EANLIGCY34ZDBZ4Y/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XJHTNJXYCEBS7N5NPJTMRZTDIN52UBE4/ advisory
- https://lists.debian.org/debian-lts-announce/2025/11/msg00026.html advisory