CVE-2022-47951 is a vulnerability that was identified on August 1, 2022. This vulnerability affects the popular open-source web application framework Ruby on Rails, versions 4.2.0 and above. The vulnerability allows an attacker to remotely execute arbitrary code on a targeted server by sending a specially crafted request.
When exploited, this vulnerability could allow attackers to completely take over a targeted server and steal sensitive data or disrupt services. The vulnerability was rated as "critical" with a CVSS score of 9.8 out of 10, indicating that it poses a high risk to organizations using the affected software.
The Ruby on Rails development team released a patch for the vulnerability on August 2, 2022, urging users to update their systems immediately. The vulnerability was also assigned the CVE identifier CVE-2022-47951 to help track and reference it in security advisories and patches. Organizations using Ruby on Rails are advised to update their systems as soon as possible to mitigate the risk of exploitation.