PT-2025-33109 · Ruby On Rails · Active Storage
Published: 2025-01-01 · Updated: 2026-01-30
CVE-2025-24293

| CVSS v4.0 | Vector |
| --- | --- |
| 9.2 (Critical) | AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
Active Storage versions 5.2.0 through 8.0.2.1
Description:
Active Storage allows the use of potentially unsafe image transformation methods and parameters by default. This can lead to command injection when arbitrary user-supplied input is accepted as a transformation method or as its parameters. Vulnerable code may resemble the following, where the transformation method (`params[:t]`) or its argument (`params[:v]`) is untrusted, arbitrary input:
`<%= image_tag blob.variant(params[:t] => params[:v]) %>`
Recommendations:
Active Storage versions 5.2.0 through 7.1.5.1 should be upgraded.
Active Storage versions 5.2.0 through 7.2.2.1 should be upgraded.
Active Storage versions 5.2.0 through 8.0.2.0 should be upgraded.
Strict validation of user-supplied methods and parameters should be performed.
A strong ImageMagick security policy should be deployed.
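The second recommendation (strict validation of user-supplied methods and parameters) can be implemented as an allowlist that is consulted before anything reaches `blob.variant`. The following is an added example, not code from the advisory or from Rails: the transformation names, the accepted parameter shapes and the `safe_transformations` helper are assumptions chosen for illustration, and the helper runs without Rails so it can be exercised on its own.

```ruby
# Added example (not from the advisory or from Rails). Untrusted request
# values are mapped onto a fixed allowlist of transformation names, each
# paired with a validator that only admits a narrow, well-typed argument.
# Anything outside the allowlist is rejected before blob.variant is called.

class UnsafeTransformation < StandardError; end

# Accept only "WxH" with small positive integers, returning [w, h].
def dimensions(value)
  m = /\A(\d{1,4})x(\d{1,4})\z/.match(value.to_s)
  raise UnsafeTransformation, "bad dimensions: #{value.inspect}" unless m
  w, h = m[1].to_i, m[2].to_i
  raise UnsafeTransformation, "zero dimension" if w.zero? || h.zero?
  [w, h]
end

# Accept only an integer angle between -360 and 360.
def angle(value)
  raise UnsafeTransformation, "bad angle: #{value.inspect}" unless /\A-?\d{1,3}\z/.match?(value.to_s)
  a = value.to_i
  raise UnsafeTransformation, "angle out of range" unless (-360..360).cover?(a)
  a
end

# Allowlist of transformation names (assumed set) and their validators.
# A name that is not a key here can never be passed through.
ALLOWED_TRANSFORMATIONS = {
  "resize_to_limit" => ->(v) { dimensions(v) },
  "resize_to_fill"  => ->(v) { dimensions(v) },
  "rotate"          => ->(v) { angle(v) },
}.freeze

# Builds the hash for blob.variant from untrusted method and value params.
# Raises UnsafeTransformation on any input that is not on the allowlist.
def safe_transformations(method_param, value_param)
  validator = ALLOWED_TRANSFORMATIONS[method_param.to_s]
  raise UnsafeTransformation, "method not allowed: #{method_param.inspect}" unless validator
  { method_param.to_sym => validator.call(value_param) }
end

if $PROGRAM_NAME == __FILE__
  p safe_transformations("resize_to_limit", "100x100") # {:resize_to_limit=>[100, 100]}
  begin
    safe_transformations("system", "100x100")
  rescue UnsafeTransformation => e
    puts "rejected: #{e.message}"
  end
end
```

In a view this replaces the vulnerable pattern with `image_tag blob.variant(**safe_transformations(params[:t], params[:v]))` (assumed call site), and a rejected request can be rescued in the controller and answered with a 4xx. The validators deliberately return typed Ruby values (arrays and integers) rather than echoing the request string back, so no free-form text reaches the image processor.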
Tags: Exploit · Fix · RCE · Command Injection · Code Injection
Related Identifiers
Affected Products
Active Storage
Debian