The go-to resource for upgrading Ruby, Rails, and your dependencies.
An analysis of CVE-2008-7310, a mass assignment vulnerability in early versions of the Spree e-commerce framework for Ruby on Rails that allowed attackers to bypass the payment process.
Mar 16, 2026