What the vulnerability does

01Description

A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.

Key dates

02Disclosure timeline

July 2, 2020 CVE published
August 4, 2024 Record updated