Ruby/activejob/4.2.6
Declare job classes that can be run by a variety of queuing backends.
https://rubygems.org/gems/activejob
MIT
1 Security Vulnerabilities
Improper Access Control in activejob
Published date: 2018-12-05T17:24:27Z
CVE: CVE-2018-16476
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2018-16476
- https://github.com/advisories/GHSA-q2qw-rmrh-vv42
- https://access.redhat.com/errata/RHSA-2019:0600
- https://groups.google.com/d/msg/rubyonrails-security/FL4dSdzr2zw/zjKVhF4qBAAJ
- https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activejob/CVE-2018-16476.yml
- https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw
- https://github.com/rails/rails/commit/970b0d754be7c71a760d9b807eea32297fd838e3
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have.
Affected versions:
["5.2.1", "5.2.0", "5.2.1.rc1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4.rc1", "5.1.3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.0", "5.1.4", "5.1.3.rc3", "5.1.2.rc1", "5.1.1", "5.0.7", "5.0.6", "5.0.4", "5.0.3", "5.0.1.rc2", "5.0.0.1", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4.rc1", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc1", "5.0.0", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.8", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6.rc1", "4.2.5", "4.2.5.rc1", "4.2.4.rc1", "4.2.3.rc1", "4.2.2", "4.2.1.rc3", "4.2.1.rc1", "4.2.0", "4.2.10", "4.2.9.rc1", "4.2.8.rc1", "4.2.6", "4.2.5.2", "4.2.5.1", "4.2.5.rc2", "4.2.4", "4.2.3", "4.2.1", "4.2.1.rc4", "4.2.1.rc2"]
Secure versions:
[0, 4.2.0.beta1, 4.2.0.beta2, 4.2.0.beta3, 4.2.0.beta4, 4.2.0.rc1, 4.2.0.rc2, 4.2.0.rc3, 4.2.11, 4.2.11.1, 4.2.11.2, 4.2.11.3, 5.0.7.1, 5.0.7.2, 5.1.0.beta1, 5.1.0.rc1, 5.1.0.rc2, 5.1.6.1, 5.1.6.2, 5.1.7, 5.1.7.rc1, 5.2.1.1, 5.2.2, 5.2.2.1, 5.2.2.rc1, 5.2.3, 5.2.3.rc1, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 5.2.4.4, 5.2.4.5, 5.2.4.6, 5.2.4.rc1, 5.2.5, 5.2.6, 5.2.6.1, 5.2.6.2, 5.2.6.3, 5.2.7, 5.2.7.1, 5.2.8, 5.2.8.1, 6.0.0, 6.0.0.beta1, 6.0.0.beta2, 6.0.0.beta3, 6.0.0.rc1, 6.0.0.rc2, 6.0.1, 6.0.1.rc1, 6.0.2, 6.0.2.1, 6.0.2.2, 6.0.2.rc1, 6.0.2.rc2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.0.3.3, 6.0.3.4, 6.0.3.5, 6.0.3.6, 6.0.3.7, 6.0.3.rc1, 6.0.4, 6.0.4.1, 6.0.4.2, 6.0.4.3, 6.0.4.4, 6.0.4.5, 6.0.4.6, 6.0.4.7, 6.0.4.8, 6.0.5, 6.0.5.1, 6.0.6, 6.0.6.1, 6.1.0, 6.1.0.rc1, 6.1.0.rc2, 6.1.1, 6.1.2, 6.1.2.1, 6.1.3, 6.1.3.1, 6.1.3.2, 6.1.4, 6.1.4.1, 6.1.4.2, 6.1.4.3, 6.1.4.4, 6.1.4.5, 6.1.4.6, 6.1.4.7, 6.1.5, 6.1.5.1, 6.1.6, 6.1.6.1, 6.1.7, 6.1.7.1, 6.1.7.10, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 6.1.7.7, 6.1.7.8, 6.1.7.9, 7.0.0, 7.0.0.alpha1, 7.0.0.alpha2, 7.0.0.rc1, 7.0.0.rc2, 7.0.0.rc3, 7.0.1, 7.0.2, 7.0.2.1, 7.0.2.2, 7.0.2.3, 7.0.2.4, 7.0.3, 7.0.3.1, 7.0.4, 7.0.4.1, 7.0.4.2, 7.0.4.3, 7.0.5, 7.0.5.1, 7.0.6, 7.0.7, 7.0.7.1, 7.0.7.2, 7.0.8, 7.0.8.1, 7.0.8.2, 7.0.8.3, 7.0.8.4, 7.0.8.5, 7.0.8.6, 7.0.8.7, 7.1.0, 7.1.0.beta1, 7.1.0.rc1, 7.1.0.rc2, 7.1.1, 7.1.2, 7.1.3, 7.1.3.1, 7.1.3.2, 7.1.3.3, 7.1.3.4, 7.1.4, 7.1.4.1, 7.1.4.2, 7.1.5, 7.1.5.1, 7.2.0, 7.2.0.beta1, 7.2.0.beta2, 7.2.0.beta3, 7.2.0.rc1, 7.2.1, 7.2.1.1, 7.2.1.2, 7.2.2, 7.2.2.1, 8.0.0, 8.0.0.1, 8.0.0.beta1, 8.0.0.rc1, 8.0.0.rc2, 8.0.1, 8.0.2]
Recommendation:
Update to version 8.0.2.
248 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 6.0.5 | MIT | 2022-05-09 - 13:50 | about 3 years | |
| 6.0.4.8 | MIT | 2022-04-26 - 19:27 | about 3 years | |
| 6.0.4.7 | MIT | 2022-03-08 - 17:47 | over 3 years | |
| 6.0.4.6 | MIT | 2022-02-11 - 19:39 | over 3 years | |
| 6.0.4.5 | MIT | 2022-02-11 - 18:24 | over 3 years | |
| 6.0.4.4 | MIT | 2021-12-15 - 22:46 | over 3 years | |
| 6.0.4.3 | MIT | 2021-12-14 - 23:00 | over 3 years | |
| 6.0.4.2 | MIT | 2021-12-14 - 20:10 | over 3 years | |
| 6.0.4.1 | MIT | 2021-08-19 - 16:22 | almost 4 years | |
| 6.0.4 | MIT | 2021-06-15 - 20:17 | about 4 years | |
| 6.0.3.7 | MIT | 2021-05-05 - 16:01 | about 4 years | |
| 6.0.3.6 | MIT | 2021-03-26 - 17:32 | over 4 years | |
| 6.0.3.5 | MIT | 2021-02-10 - 20:39 | over 4 years | |
| 6.0.3.4 | MIT | 2020-10-07 - 16:50 | over 4 years | |
| 6.0.3.3 | MIT | 2020-09-09 - 18:24 | almost 5 years | |
| 6.0.3.2 | MIT | 2020-06-17 - 14:54 | about 5 years | |
| 6.0.3.1 | MIT | 2020-05-18 - 15:47 | about 5 years | |
| 6.0.3 | MIT | 2020-05-06 - 18:04 | about 5 years | |
| 6.0.3.rc1 | MIT | 2020-05-01 - 17:18 | about 5 years | |
| 6.0.2.2 | MIT | 2020-03-19 - 16:43 | over 5 years | |
| 6.0.2.1 | MIT | 2019-12-18 - 19:08 | over 5 years | |
| 6.0.2 | MIT | 2019-12-13 - 18:20 | over 5 years | |
| 6.0.2.rc2 | MIT | 2019-12-09 - 16:12 | over 5 years | |
| 6.0.2.rc1 | MIT | 2019-11-27 - 15:12 | over 5 years | |
| 6.0.1 | MIT | 2019-11-05 - 14:39 | over 5 years | |
| 6.0.1.rc1 | MIT | 2019-10-31 - 20:05 | over 5 years | |
| 6.0.0 | MIT | 2019-08-16 - 18:00 | almost 6 years | |
| 6.0.0.rc2 | MIT | 2019-07-22 - 21:10 | almost 6 years | |
| 6.0.0.rc1 | MIT | 2019-04-24 - 18:51 | about 6 years | |
| 6.0.0.beta3 | MIT | 2019-03-13 - 17:02 | over 6 years | |
| 6.0.0.beta2 | MIT | 2019-02-25 - 22:45 | over 6 years | |
| 6.0.0.beta1 | MIT | 2019-01-18 - 20:46 | over 6 years | |
| 5.2.8.1 | MIT | 2022-07-12 - 17:26 | almost 3 years | |
| 5.2.8 | MIT | 2022-05-09 - 13:58 | about 3 years | |
| 5.2.7.1 | MIT | 2022-04-26 - 19:23 | about 3 years | |
| 5.2.7 | MIT | 2022-03-11 - 00:00 | over 3 years | |
| 5.2.6.3 | MIT | 2022-03-08 - 17:45 | over 3 years | |
| 5.2.6.2 | MIT | 2022-02-11 - 19:37 | over 3 years | |
| 5.2.6.1 | MIT | 2022-02-11 - 18:44 | over 3 years | |
| 5.2.6 | MIT | 2021-05-05 - 17:08 | about 4 years | |
| 5.2.5 | MIT | 2021-03-26 - 17:20 | over 4 years | |
| 5.2.4.6 | MIT | 2021-05-05 - 15:29 | about 4 years | |
| 5.2.4.5 | MIT | 2021-02-10 - 20:35 | over 4 years | |
| 5.2.4.4 | MIT | 2020-09-09 - 18:36 | almost 5 years | |
| 5.2.4.3 | MIT | 2020-05-18 - 15:42 | about 5 years | |
| 5.2.4.2 | MIT | 2020-03-19 - 16:37 | over 5 years | |
| 5.2.4.1 | MIT | 2019-12-18 - 19:02 | over 5 years | |
| 5.2.4 | MIT | 2019-11-27 - 15:46 | over 5 years | |
| 5.2.4.rc1 | MIT | 2019-11-23 - 00:28 | over 5 years | |
| 5.2.3 | MIT | 2019-03-28 - 03:02 | over 6 years |