CVE-2026-44836
- EPSS 0.34%
- Veröffentlicht 26.05.2026 19:43:58
- Zuletzt bearbeitet 01.06.2026 18:22:32
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the preview route derives an example name from the URL and calls it with public_send. The code does not verify that...
CVE-2026-44837
- EPSS 0.41%
- Veröffentlicht 26.05.2026 19:40:47
- Zuletzt bearbeitet 02.06.2026 18:43:53
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the re...
CVE-2024-21636
- EPSS 0.5%
- Veröffentlicht 04.01.2024 20:15:25
- Zuletzt bearbeitet 21.11.2024 08:54:46
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. Versions prior to 3.9.0 and 2.83.0 have a cross-site scripting vulnerability that has the potential to impact anyone rendering a compone...