CVE-2025-24293
Publication date 16 September 2025
Last updated 19 September 2025
Ubuntu priority
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| rails | 25.10 questing |
Needs evaluation
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
Notes
seth-arnold
In Oneiric-Saucy, rails package is just for transition; The rails package contains actual code from vivid onward
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2025-24293
- https://github.com/rails/rails/security/advisories/GHSA-r4mg-4433-c7g3
- https://github.com/rails/rails/commit/2d612735ac0d9712fdfffaf80afa627e7295f6ce (v8.0.2.1)
- https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b (v8.0.2.1)
- https://github.com/rails/rails/commit/fb8f3a18c3d97524c0efc29150d1e5f3162fbb13 (v7.2.2.2)
- https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202 (v7.2.2.2)
- https://github.com/rails/rails/commit/1b1adf6ee6ca0f3104fcfce79360b2ec1e06a354 (v7.1.5.2)
- https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290 (v7.1.5.2)