Vulnerabilidades en carrierwaveuploader

5 resultados

CVE-2021-21305HIGHCode Injection vulnerability in CarrierWaveEPSS 12.7%CVE-2021-21288MEDIUMServer-side request forgery in CarrierWaveEPSS 1.2%CVE-2023-49090MEDIUMCarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSSEPSS 0.6%CVE-2024-29034MEDIUMCarrierWave's Content-Type allowlist bypass vulnerability which possibly leads to XSS remainedEPSS 0.4%CVE-2026-44587MEDIUMCarrierWave has a denylisted_content_type bypass via Unescaped Regex MetacharactersEPSS 0.2%