

Potential Denial of Service Vulnerability in Rack - teeray
https://groups.google.com/forum/#!topic/rubyonrails-security/gcUbICUmKMc

======
teeray
There were also a few other Rails CVEs announced today as well:

CSRF Vulnerability in jquery-ujs / jquery-rails:
[https://groups.google.com/forum/#!topic/rubyonrails-security...](https://groups.google.com/forum/#!topic/rubyonrails-security/XIZPbobuwaY)

XSS in ActiveSupport::JSON.encode:
[https://groups.google.com/forum/#!topic/rubyonrails-security...](https://groups.google.com/forum/#!topic/rubyonrails-security/7VlB_pck3hU)

IP Whitelist Bypass in Web Console:
[https://groups.google.com/forum/#!topic/rubyonrails-security...](https://groups.google.com/forum/#!topic/rubyonrails-security/lzmz9_ijUFw)

