FAIL › dossier
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2025-07-07 | CVE-2019-5418 | high | ⌖KEV | 50 | Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents. |
| 2022-03-25 | CVE-2016-0752 | high | ⌖KEV | 50 | Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files. |
| 2022-03-25 | CVE-2014-0130 | high | ⌖KEV | 50 | Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request. |