| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-16477 | 4.3 |
A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Addit
|
09-10-2019 - 23:36 | 30-11-2018 - 19:29 | |
| CVE-2018-16476 | 5.0 |
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability
|
09-10-2019 - 23:36 | 30-11-2018 - 19:29 |