Browse all 4 CVE security advisories affecting carrierwaveuploader. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-29034 | CarrierWave's Content-Type allowlist bypass vulnerability which possibly leads to XSS remained — carrierwaveCWE-436 | 6.8 | Medium | 2024-03-24 |
| CVE-2023-49090 | CarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSS — carrierwaveCWE-79 | 6.8 | Medium | 2023-11-29 |
| CVE-2021-21305 | Code Injection vulnerability in CarrierWave — carrierwaveCWE-74 | 7.4 | High | 2021-02-08 |
| CVE-2021-21288 | Server-side request forgery in CarrierWave — carrierwaveCWE-918 | 4.3 | Medium | 2021-02-08 |
This page lists every published CVE security advisory associated with carrierwaveuploader. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.