Esparta Mar 23

Impressive work by the Rails team slaying a decent amount of security issues:

CVE-2026-33202
CVE-2026-33195
CVE-2026-33658
CVE-2026-33176
CVE-2026-33174
CVE-2026-33173
CVE-2026-33170
CVE-2026-33169
CVE-2026-33168
CVE-2026-33167

https://discuss.rubyonrails.org/c/security-announcements/9

All of them fixed on the supported branches: Rails 7.2.3.1, Rails 8.0.4.1 and 8.1.2.1

Edit: fix correct 7.x branch
Update : a day later two minor versions were released: rails 8.0.5 and 8.1.3.

https://rubygems.org/gems/rails
~
#Ruby

Security Announcements

In the category we will post all the security advisories for the Rails framework.

Ruby on Rails Discussions
Show threadAdam
@esparta '7.2.3.1'
Mar 24 at 7:38amWeb
Show threadEsparta Mar 27
@adzap ooppps!!
Thanks, I'll fix it.