Posts Tagged: legacy
- Automating Security Audits for Legacy Ruby on Rails Codebases
  Learn how to automate security audit reports for legacy Rails applications using static analysis tools like Brakeman and Bundler-Audit in your CI/CD pipeline.
- Understanding CVE-2006-4111: Ruby on Rails LOAD_PATH Remote Code Execution
  An analysis of CVE-2006-4111, a high-severity vulnerability in early Ruby on Rails versions that allowed remote code execution via LOAD_PATH manipulation.
- Understanding and Fixing CVE-2007-3227: The ActiveRecord to_json XSS Vulnerability
  A look back at CVE-2007-3227, examining how ActiveRecord's to_json method in early Rails versions could lead to XSS vulnerabilities.
- Understanding CVE-2007-6183: Format String Vulnerability in Ruby-GNOME2
  An analysis of CVE-2007-6183, a format string vulnerability in the GTK2 module of Ruby-GNOME2, and its implications for Ruby native extensions.
- CVE-2008-2662: Integer Overflows in Ruby's rb_str_buf_append
  An analysis of CVE-2008-2662, an integer overflow vulnerability in Ruby's string concatenation.
- CVE-2008-2663: Ruby Integer Overflows
  An analysis of CVE-2008-2663, an integer overflow vulnerability in Ruby 1.8.x's rb_ary_store function that causes buffer overflows during array assignment.
- CVE-2008-4094: SQL Injection via limit and offset in Ruby on Rails
  An in-depth look at CVE-2008-4094, a high-severity SQL injection vulnerability in early Ruby on Rails versions, and the importance of upgrading legacy systems.
- The Faster vs. Safer Approach to Dual-Booting Legacy Rails Apps
  A guide to the trade-offs between speed and safety when implementing a dual-booting strategy for a legacy Ruby on Rails application upgrade.