The CERT-FR reports multiple vulnerabilities in Ruby on Rails versions 7.0.x earlier than 7
0.8.5, 7.1.x earlier than 7.1.4.1, 7.2.x earlier than 7.2.1.1, and versions earlier than 6.1.7.9, which could enable a remote attacker to cause a denial of service. Fixes can be obtained by referring to the vendor's security bulletins listed in the documentation section, with detailed CVE references provided for each vulnerability. https://www.cert.ssi.gouv.fr/avis/CERTFR-2024-AVI-0889/