Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2011-1497

created 1 month, 3 weeks ago

A cross-site scripting vulnerability flaw was found in the auto_link …

A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.

References

https://www.openwall.com/lists/oss-security/2011/04/06/13 x_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/04/06/13 x_transferredx_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_transferredx_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/04/06/13 x_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/04/06/13 x_transferredx_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_transferredx_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/04/06/13 x_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/04/06/13 x_transferredx_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_transferredx_refsource_MISC

Affected products

rails

==rails 3.0.6

Matching in nixpkgs

pkgs.grails

Full stack, web application framework for the JVM

nixos-unstable 7.0.0-M3
- nixpkgs-unstable 7.0.0-M3
- nixos-unstable-small 7.0.0-M3
nixos-25.11 7.0.0-M3
- nixos-25.11-small 7.0.0-M3
- nixpkgs-25.11-darwin 7.0.0-M3

pkgs.rails-new

Generate new Rails applications without having to install Ruby

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.rubyPackages.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_3_1.rails

None

pkgs.rubyPackages_3_2.rails

None

pkgs.rubyPackages_3_3.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_3_4.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_4_0.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.hyprlandPlugins.hyprtrails

Hyprland smooth trails behind moving windows plugin

nixos-unstable 0.53.0
- nixpkgs-unstable 0.53.0
- nixos-unstable-small 0.53.0
nixos-25.11 0.52.0
- nixos-25.11-small 0.52.0
- nixpkgs-25.11-darwin 0.52.0

pkgs.rubyPackages.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_3_1.rails-dom-testing

None

pkgs.rubyPackages_3_2.rails-dom-testing

None

pkgs.rubyPackages_3_3.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_3_4.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_4_0.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_3_1.rails-html-sanitizer

None

pkgs.rubyPackages_3_2.rails-html-sanitizer

None

pkgs.rubyPackages_3_3.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_3_4.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_4_0.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

Package maintainers

@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@donovanglover Donovan Glover
@NotAShelf NotAShelf <raf@notashelf.dev>
@khaneliman Austin Horstman <khaneliman12@gmail.com>
@fufexan Fufezan Mihai <fufexan@protonmail.com>
@coat Kent Smith <kentsmith@gmail.com>