Ruby/activejob/5.1.0
Declare job classes that can be run by a variety of queuing backends.
https://rubygems.org/gems/activejob
MIT
1 Security Vulnerabilities
Improper Access Control in activejob
Published date: 2018-12-05T17:24:27Z
CVE: CVE-2018-16476
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2018-16476
- https://github.com/advisories/GHSA-q2qw-rmrh-vv42
- https://access.redhat.com/errata/RHSA-2019:0600
- https://groups.google.com/d/msg/rubyonrails-security/FL4dSdzr2zw/zjKVhF4qBAAJ
- https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activejob/CVE-2018-16476.yml
- https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw
- https://github.com/rails/rails/commit/970b0d754be7c71a760d9b807eea32297fd838e3
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input that can cause Active Job to deserialize it using GlobalID, giving the attacker access to information that they should not have.
Affected versions:
["5.2.1", "5.2.0", "5.2.1.rc1", "5.1.6", "5.1.5", "5.1.5.rc1", "5.1.4.rc1", "5.1.3", "5.1.3.rc2", "5.1.3.rc1", "5.1.2", "5.1.0", "5.1.4", "5.1.3.rc3", "5.1.2.rc1", "5.1.1", "5.0.7", "5.0.6", "5.0.4", "5.0.3", "5.0.1.rc2", "5.0.0.1", "5.0.6.rc1", "5.0.5", "5.0.5.rc2", "5.0.5.rc1", "5.0.4.rc1", "5.0.2", "5.0.2.rc1", "5.0.1", "5.0.1.rc1", "5.0.0", "4.2.10.rc1", "4.2.9", "4.2.9.rc2", "4.2.8", "4.2.7.1", "4.2.7", "4.2.7.rc1", "4.2.6.rc1", "4.2.5", "4.2.5.rc1", "4.2.4.rc1", "4.2.3.rc1", "4.2.2", "4.2.1.rc3", "4.2.1.rc1", "4.2.0", "4.2.10", "4.2.9.rc1", "4.2.8.rc1", "4.2.6", "4.2.5.2", "4.2.5.1", "4.2.5.rc2", "4.2.4", "4.2.3", "4.2.1", "4.2.1.rc4", "4.2.1.rc2"]
Secure versions:
[0, 4.2.0.beta1, 4.2.0.beta2, 4.2.0.beta3, 4.2.0.beta4, 4.2.0.rc1, 4.2.0.rc2, 4.2.0.rc3, 4.2.11, 4.2.11.1, 4.2.11.2, 4.2.11.3, 5.0.7.1, 5.0.7.2, 5.1.0.beta1, 5.1.0.rc1, 5.1.0.rc2, 5.1.6.1, 5.1.6.2, 5.1.7, 5.1.7.rc1, 5.2.1.1, 5.2.2, 5.2.2.1, 5.2.2.rc1, 5.2.3, 5.2.3.rc1, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 5.2.4.4, 5.2.4.5, 5.2.4.6, 5.2.4.rc1, 5.2.5, 5.2.6, 5.2.6.1, 5.2.6.2, 5.2.6.3, 5.2.7, 5.2.7.1, 5.2.8, 5.2.8.1, 6.0.0, 6.0.0.beta1, 6.0.0.beta2, 6.0.0.beta3, 6.0.0.rc1, 6.0.0.rc2, 6.0.1, 6.0.1.rc1, 6.0.2, 6.0.2.1, 6.0.2.2, 6.0.2.rc1, 6.0.2.rc2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.0.3.3, 6.0.3.4, 6.0.3.5, 6.0.3.6, 6.0.3.7, 6.0.3.rc1, 6.0.4, 6.0.4.1, 6.0.4.2, 6.0.4.3, 6.0.4.4, 6.0.4.5, 6.0.4.6, 6.0.4.7, 6.0.4.8, 6.0.5, 6.0.5.1, 6.0.6, 6.0.6.1, 6.1.0, 6.1.0.rc1, 6.1.0.rc2, 6.1.1, 6.1.2, 6.1.2.1, 6.1.3, 6.1.3.1, 6.1.3.2, 6.1.4, 6.1.4.1, 6.1.4.2, 6.1.4.3, 6.1.4.4, 6.1.4.5, 6.1.4.6, 6.1.4.7, 6.1.5, 6.1.5.1, 6.1.6, 6.1.6.1, 6.1.7, 6.1.7.1, 6.1.7.10, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 6.1.7.7, 6.1.7.8, 6.1.7.9, 7.0.0, 7.0.0.alpha1, 7.0.0.alpha2, 7.0.0.rc1, 7.0.0.rc2, 7.0.0.rc3, 7.0.1, 7.0.2, 7.0.2.1, 7.0.2.2, 7.0.2.3, 7.0.2.4, 7.0.3, 7.0.3.1, 7.0.4, 7.0.4.1, 7.0.4.2, 7.0.4.3, 7.0.5, 7.0.5.1, 7.0.6, 7.0.7, 7.0.7.1, 7.0.7.2, 7.0.8, 7.0.8.1, 7.0.8.2, 7.0.8.3, 7.0.8.4, 7.0.8.5, 7.0.8.6, 7.0.8.7, 7.1.0, 7.1.0.beta1, 7.1.0.rc1, 7.1.0.rc2, 7.1.1, 7.1.2, 7.1.3, 7.1.3.1, 7.1.3.2, 7.1.3.3, 7.1.3.4, 7.1.4, 7.1.4.1, 7.1.4.2, 7.1.5, 7.1.5.1, 7.2.0, 7.2.0.beta1, 7.2.0.beta2, 7.2.0.beta3, 7.2.0.rc1, 7.2.1, 7.2.1.1, 7.2.1.2, 7.2.2, 7.2.2.1, 8.0.0, 8.0.0.1, 8.0.0.beta1, 8.0.0.rc1, 8.0.0.rc2, 8.0.1, 8.0.2]
Recommendation:
Update to version 8.0.2.
248 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
8.0.2 | MIT | | 2025-03-12 - 03:08 | 4 months |
8.0.1 | MIT | | 2024-12-13 - 20:02 | 7 months |
8.0.0.1 | MIT | | 2024-12-10 - 21:46 | 7 months |
8.0.0 | MIT | | 2024-11-07 - 22:30 | 8 months |
8.0.0.rc2 | MIT | | 2024-10-30 - 00:31 | 8 months |
8.0.0.rc1 | MIT | | 2024-10-19 - 01:43 | 9 months |
8.0.0.beta1 | MIT | | 2024-09-26 - 15:05 | 9 months |
7.2.2.1 | MIT | | 2024-12-10 - 21:42 | 7 months |
7.2.2 | MIT | | 2024-10-31 - 01:47 | 8 months |
7.2.1.2 | MIT | | 2024-10-23 - 22:34 | 8 months |
7.2.1.1 | MIT | | 2024-10-15 - 20:46 | 9 months |
7.2.1 | MIT | | 2024-08-22 - 19:46 | 10 months |
7.2.0 | MIT | | 2024-08-09 - 23:27 | 11 months |
7.2.0.rc1 | MIT | | 2024-08-06 - 17:01 | 11 months |
7.2.0.beta3 | MIT | | 2024-07-11 - 15:20 | 12 months |
7.2.0.beta2 | MIT | | 2024-06-04 - 18:14 | about 1 year |
7.2.0.beta1 | MIT | | 2024-05-29 - 23:38 | about 1 year |
7.1.5.1 | MIT | | 2024-12-10 - 21:27 | 7 months |
7.1.5 | MIT | | 2024-10-31 - 01:34 | 8 months |
7.1.4.2 | MIT | | 2024-10-23 - 22:29 | 8 months |
7.1.4.1 | MIT | | 2024-10-15 - 20:40 | 9 months |
7.1.4 | MIT | | 2024-08-22 - 21:27 | 10 months |
7.1.3.4 | MIT | | 2024-06-04 - 18:00 | about 1 year |
7.1.3.3 | MIT | | 2024-05-16 - 19:22 | about 1 year |
7.1.3.2 | MIT | | 2024-02-21 - 21:46 | over 1 year |
7.1.3.1 | MIT | | 2024-02-21 - 18:46 | over 1 year |
7.1.3 | MIT | | 2024-01-16 - 22:55 | over 1 year |
7.1.2 | MIT | | 2023-11-10 - 21:51 | over 1 year |
7.1.1 | MIT | | 2023-10-11 - 22:18 | over 1 year |
7.1.0 | MIT | | 2023-10-05 - 08:07 | over 1 year |
7.1.0.rc2 | MIT | | 2023-10-01 - 22:00 | over 1 year |
7.1.0.rc1 | MIT | | 2023-09-27 - 04:02 | almost 2 years |
7.1.0.beta1 | MIT | | 2023-09-13 - 00:40 | almost 2 years |
7.0.8.7 | MIT | | 2024-12-10 - 21:22 | 7 months |
7.0.8.6 | MIT | | 2024-10-23 - 22:23 | 8 months |
7.0.8.5 | MIT | | 2024-10-15 - 20:28 | 9 months |
7.0.8.4 | MIT | | 2024-06-04 - 17:56 | about 1 year |
7.0.8.3 | MIT | | 2024-05-17 - 19:53 | about 1 year |
7.0.8.2 | MIT | | 2024-05-16 - 18:58 | about 1 year |
7.0.8.1 | MIT | | 2024-02-21 - 18:42 | over 1 year |
7.0.8 | MIT | | 2023-09-09 - 19:13 | almost 2 years |
7.0.7.2 | MIT | | 2023-08-22 - 20:10 | almost 2 years |
7.0.7.1 | MIT | | 2023-08-22 - 17:20 | almost 2 years |
7.0.7 | MIT | | 2023-08-09 - 23:57 | almost 2 years |
7.0.6 | MIT | | 2023-06-29 - 20:56 | about 2 years |
7.0.5.1 | MIT | | 2023-06-26 - 21:42 | about 2 years |
7.0.5 | MIT | | 2023-05-24 - 19:12 | about 2 years |
7.0.4.3 | MIT | | 2023-03-13 - 18:53 | over 2 years |
7.0.4.2 | MIT | | 2023-01-25 - 03:14 | over 2 years |
7.0.4.1 | MIT | | 2023-01-17 - 18:55 | over 2 years |