CVE-2024-53847 — Vulnetix

CVE-2024-53847 PUBLISHED

Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.

EPSS 0.22% · 44.9th percentile

Risk Scores

EPSS Score

0.22%

44.9th percentile

Affected Products

Vendor	Product	Versions
SUSE	SUSE openSUSE
Open Source	Open Source Ruby on Rails <7.2.2.1
Open Source	Open Source Ruby on Rails <7.1.5.1
Debian	Debian Linux
Open Source	Open Source Ruby on Rails <7.0.8.7
Open Source	Open Source Ruby on Rails <8.0.0.1

Exploit Intelligence

CIRCL seen: CVE-2024-53847 (circl-sighting)
https://github.com/basecamp/trix/security/advisories/GHSA-6vx4-v2jw-qwqh (circl)
https://github.com/basecamp/trix/commit/272c7e27e722608732a67108ad3fe7870e233ac8 (circl)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)

…and 113 more exploits

Timeline

Jan 21, 1970 Security Advisory
Dec 9, 2024 CVE Published
Dec 9, 2024 PoC Published
Dec 10, 2024 EPSS Score
Dec 27, 2024 EPSS Score
Jan 13, 2025 EPSS Score
Jan 29, 2025 EPSS Score
Feb 15, 2025 EPSS Score
Mar 4, 2025 EPSS Score
Mar 21, 2025 EPSS Score
Apr 6, 2025 EPSS Score
Apr 23, 2025 EPSS Score

References

…and 2 more

Open in Interactive Console →

$ Console Community · 100/wk Open console ›