December 2013 Rails Vulnerabilities

Posted about 5 years ago by Vasily

Surprise, new Rails vulnerabilities!

It’s that time of the year again! A handful of Rails vulnerabilities was just published by Aaron Patterson last night. It’s time to upgrade Rails as soon as possible.

The latest versions to upgrade to are: 4.0.2 and 3.2.16. You can read more about them in the official Rails blog.

December 3, 2013 Vulnerabilities

Folks from the National Vulnerability Database haven’t assigned any impact scores to these yet. However, all of these vulnerabilities look pretty severe. Stay safe!

Did you learn about these vulnerabilities from a blog post or your Twitter feed? Sign up with Hakiri and get security updates for your specific versions of Rails via email. We also support a whole bunch of other technologies (such as Apache, Unicorn, Postgres, etc.) and gems.