An analysis of CVE-2007-5379, a moderate-severity vulnerability discovered in Ruby on Rails versions prior to 1.2.4, which allowed remote attackers to determine the existence of arbitrary files and read the contents of XML files on the server.
Mar 15, 2026