Debian: Rails Severe Command Manipulation DSA-6090-2 CVE-2025-24294
Dec21
Multiple security issues were discovered in the Rails web framework which could result in command injection or logging of unescaped ANSI sequences. For the oldstable distribution (bookworm), these problems have been fixed in version 2:6.1.7.10+dfsg-1~deb12u2.