John Backus

Researcher from BlockScore
#47959 of 53,632
5.3 Total CVSS
Vulnerabilities · 1
PT-2016-1365
5.3
2016-01-31
Ruby · Ruby On Rails · CVE-2016-0753
**Name of the Vulnerable Software and Affected Versions**

Ruby on Rails versions 4.1.x through 4.1.14, Ruby on Rails versions 4.2.x through 4.2.5, Ruby on Rails versions 5.x through 5.0.0.beta1

**Description**

The issue is related to the Active Model component in Ruby on Rails, which supports the use of instance-level writers for class accessors. This allows remote attackers to bypass intended validation steps via crafted parameters.

**Recommendations**

For Ruby on Rails versions 4.1.x through 4.1.14, update to version 4.1.14.1 or later. For Ruby on Rails versions 4.2.x through 4.2.5, update to version 4.2.5.1 or later. For Ruby on Rails versions 5.x through 5.0.0.beta1, update to version 5.0.0.beta1.1 or later.