CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21831

A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 6.8

References

Products affected by CVE-2022-21831

Rubyonrails » Active Storage » Version: Any

cpe:2.3:a:rubyonrails:active_storage:*
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved