SQL injection vulnerability fixed in Ruby on Rails

Corrective releases of the Ruby on Rails framework, 7.0.4.1, 6.1.7.1 and 6.0.6.1, have been published, fixing 6 vulnerabilities. The most dangerous one (CVE-2023-22794) can lead to execution of attacker-controlled SQL statements when externally supplied data is placed into the SQL comments that ActiveRecord attaches to queries. The problem is caused by missing escaping of special characters in those comments before the query is sent to the DBMS, so a comment value containing the comment terminator can break out of the comment and the remainder is parsed as SQL.
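The following is an added example, not code from Rails or from the original article. It models in plain Ruby how an annotation is appended to a query as a C-style SQL comment, shows the break-out that an unescaped `*/` allows, and contrasts it with a sanitizer that neutralises comment delimiters (the `sanitize_sql_comment` shown here is this example's own simplified version of that idea; the base query and the hostile annotation are constructed inputs). `executed_sql` strips comments the way a DBMS parser would so the effective statement is visible.

```ruby
# Added example: why unescaped data in an SQL comment is an injection.
# The query, the annotation and all helpers below are constructed for
# illustration; they are not Rails' own implementation.

# Constructed inputs.
BASE_SQL = "SELECT * FROM users WHERE id = 1".freeze
# An attacker-controlled "annotation" that closes the comment early.
EVIL_ANNOTATION = "trace */ ; DROP TABLE users; --".freeze

# Pre-fix behaviour (assumed for this example): the comment value is
# interpolated verbatim into "/* ... */".
def annotate_unsafe(sql, comment)
  "#{sql} /* #{comment} */"
end

# Hardened behaviour: strip a leading "/*" (or optimizer-hint "/*+")
# and a trailing "*/", then defuse any remaining comment delimiters by
# inserting a space so "*/" and "/*" can no longer be parsed as such.
def sanitize_sql_comment(value)
  comment = value.to_s.dup
  comment.gsub!(%r{\A\s*/\*\+?\s?|\s?\*/\s*\z}, "")
  comment.gsub!("*/", "* /")
  comment.gsub!("/*", "/ *")
  comment
end

def annotate_safe(sql, comment)
  "#{sql} /* #{sanitize_sql_comment(comment)} */"
end

# Remove non-nesting /* ... */ comments (MySQL semantics; PostgreSQL nests
# them, which makes the break-out behave slightly differently but does not
# prevent it) and normalise whitespace, to see what the DBMS executes.
def executed_sql(sql)
  sql.gsub(%r{/\*.*?\*/}m, " ").squeeze(" ").strip
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe: #{executed_sql(annotate_unsafe(BASE_SQL, EVIL_ANNOTATION))}"
  puts "safe:   #{executed_sql(annotate_safe(BASE_SQL, EVIL_ANNOTATION))}"
end
```

With the unsafe variant the effective statement still contains `; DROP TABLE users;` after comment stripping; with the sanitizer the annotation stays inert and only the original `SELECT` survives. In an application the practical rule is simpler than the sanitizer: never feed request-derived strings into query annotations at all, and upgrade to a fixed release.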

The second vulnerability (CVE-2023-22797) can be exploited to redirect users to arbitrary external pages (open redirect) when untrusted external data is passed to the redirect_to handler. The remaining 4 vulnerabilities lead to denial of service through excessive load on the system, mainly because externally supplied data is processed by inefficient regular expressions whose matching time grows sharply with crafted input.
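As an added example, not Rails' own redirect code, the following plain-Ruby check shows what "only allow same-host targets" has to cover before a request parameter is handed to a redirect: absolute URLs on another host, protocol-relative `//host` targets, non-HTTP schemes, credentials-in-URL tricks, and inputs that do not parse at all. The function name `safe_local_redirect?` and the sample targets are assumptions for this example.

```ruby
require "uri"

# Added example: a conservative same-host check for a redirect target.
# Returns true only for a path-only target ("/x", not "//x") or an
# absolute http(s) URL whose host is exactly the requesting host.
# Anything that fails to parse is rejected.
def safe_local_redirect?(target, request_host)
  str = target.to_s
  uri = URI.parse(str)

  # Reject javascript:, data:, mailto: and any other non-web scheme.
  return false if uri.scheme && !%w[http https].include?(uri.scheme.downcase)

  # Absolute URL (or "//host" protocol-relative form, which URI parses as a
  # host): only the requesting host itself is acceptable. userinfo tricks like
  # "https://app.example@evil.example/" end up with host "evil.example".
  return uri.host.casecmp?(request_host) if uri.host

  # No host: must be an absolute path, and not a protocol-relative "//...".
  return false unless str.start_with?("/")
  return false if str.start_with?("//")
  true
rescue URI::Error
  # "/\\evil.example", embedded spaces, etc. are not valid URIs: reject.
  false
end

if __FILE__ == $PROGRAM_NAME
  host = "app.example"
  ["/dashboard", "https://app.example/account", "https://evil.example/",
   "//evil.example/", "/\\evil.example", "javascript:alert(1)",
   "https://app.example@evil.example/"].each do |t|
    puts "#{t.inspect} -> #{safe_local_redirect?(t, host)}"
  end
end
```

In Rails 7 the framework-level equivalent is `redirect_to target, allow_other_host: false` (with `config.action_controller.raise_on_open_redirects` to make violations raise); the example above is a stand-in showing the cases such a check must handle, and the fixed releases are what actually close CVE-2023-22797.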

Source: opennet.ru
