CVE-2024-54133
PUBLISHED
Ruby on Rails is an open-source web application framework written in the Ruby programming language.
Risk Scores
EPSS Score: 0.19% (40.7th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source Ruby on Rails | <7.1.5.1 |
| Open Source | Open Source Ruby on Rails | <7.0.8.7 |
| Open Source | Open Source Ruby on Rails | <7.2.2.1 |
| Debian | Debian Linux | |
| SUSE | SUSE openSUSE | |
| Open Source | Open Source Ruby on Rails | <8.0.0.1 |
Exploit Intelligence
- [CVE-2024-54133] Possible Content Security Policy bypass in Action Dispatch (hackerone)
- CIRCL seen: CVE-2024-54133 (circl-sighting)
- https://security.netapp.com/advisory/ntap-20250306-0010/ (circl)
- https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v (circl)
- https://github.com/rails/rails/commit/2e3f41e4538b9ca1044357f6644f037bbb7c6c49 (circl)
…and 138 more exploits
Timeline
- CVE Published
- Jan 21, 1970 Security Advisory
- Dec 10, 2024 PoC Published
- Dec 11, 2024 EPSS Score
- Dec 28, 2024 EPSS Score
- Jan 13, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 6, 2025 PoC Published
- Feb 6, 2025 PoC Published
- Feb 16, 2025 EPSS Score
- Mar 5, 2025 EPSS Score
- Mar 8, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3665.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3665 advisory
- https://rubyonrails.org/2024/12/10/Rails-Versions-8-0-0-1-7-2-2-1-7-1-5-1-7-0-8-7-have-been-released advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/57WH4TRSAIYG3XFEGCTFYFGT2W7X3QHI/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B26VNHJCTTV4SDWVULMCA5HFYA5FQILE/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WYBFRW6P5ZJ3PZDVWOULBBATCQQTW7R6/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJTHTQ5QR4QSMGFPEY374EL3USFU3N3T/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O5XHFH7OVM644AQSSFTYM5V776DBN4T4/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H4H3ACOZN6VPYMXICIOB4X7BCOG34REC/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GO4SQCVLXITKR32JMNSPHSKZ4I2H6NKD/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7HZ3DF5OW2OF3ZDQSEJX2YNX7G5FIQ62/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WQTKVWQA72DJ3WGT3IQU3B3QQIUDFGW/ advisory
- https://lists.debian.org/debian-security-announce/2025/msg00043.html advisory
- https://lists.debian.org/debian-lts-announce/2025/11/msg00026.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NBP7BI7LGLA6EHTDHRHS7SJI47OPALVD/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/26IIWFPRHHNP4VPXF2WETR4B5LVOZXFF/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CCCBJH52E7S62DXUPZBSZOS2J77HWFBN/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HVQN3RHCEOBO2GFUPRIXXBHDAQP62MEV/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G4NWONIOUALCKTA6GEA3PCAK4YAINBCN/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HXWPYEMUEX4OQYGAJNXCM24JE3IKMVLZ/ advisory
…and 2 more