A detailed look at CVE-2008-5189, a CRLF injection vulnerability in early versions of Ruby on Rails that enabled HTTP Response Splitting via the redirect_to method.
Mar 16, 2026