Never-Ending Support for Rails versions 2.3, 3.2, 4.2, 5.2, and 6.1

Rails NES

Never-Ending Support (NES) for Ruby on Rails from HeroDevs means you can stay secure, compatible, and compliant without migrating away.

Get Pricing

Talk to our Experts

Rails NES

is a secure drop-in replacement for

Rails

and takes just a few minutes to set up.

Step 1

Update your project’s Gemfile

Step 2

Set your token in your project’s local .gemrc file

Step 3

Install & run!

CVE Protection

0 Security Issues Fixed in Rails NES
(and always watching for more)

By purchasing Rails Never-Ending Support from HeroDevs, you’re ensuring that your Rails application stays secure and these vulnerabilities are mitigated. As more CVEs are discovered, you can rest easy knowing HeroDevs has remediated those issues before they’re ever announced publicly.

If you’re currently using Rails in your application’s tech stack, your application is is vulnerable to the CVEs listed below.

Switch to Rails NES in minutes to immediately mitigate these vulnerabilities.

Severity

Technology

Libraries Affected

Category

Version(s) Affected

Published Date

Critical

CVE-2022-30123

Rails

Ruby on Rails Framework

Remote Code Execution

2.2.0.0 - <=2.2.3.0 2.1.0.0 - <=2.1.4.0 2.0.0.0 - <=2.0.9.0

Dec 5, 2022

Critical

CVE-2022-21831

Rails

Ruby on Rails Framework

Remote Code Execution

7.0.0.0 - <= 7.0.2.2 6.1.0.0 - <= 6.1.4.6 6.0.0.0 - <= 6.0.4.6 5.2.0.0 - <= 5.2.6.2

May 26, 2022

Critical

CVE-2020-8165

Rails

Ruby on Rails Framework

Remote Code Execution

6.0.0 - <= 6.0.3.0 5.0.0 - <= 5.2.4.2

Jun 19, 2020

Critical

CVE-2020-8159

Rails

Ruby on Rails Framework

Remote Code Execution

Rails 3.x Rails 2.x Rails > 4.x if using actionpack_page-cache <= 1.2.0

May 12, 2020

Critical

CVE-2019-5420

Rails

Ruby on Rails Framework

Remote Code Execution

6.0.0.0 - <= 6.0.0.beta2 5.2.0.0 - <= 5.2.2.0

Mar 27, 2019

High

CVE-2019-5418

Rails

Ruby on Rails Framework

Information Exposure

6.0.0 - <= 6.0.0.beta2 5.2.0 - <= 5.2.2.0 All of 4.x prior to HeroDevs 4.2 LTS All of 3.x prior to HeroDevs 3.2 LTS All of 2.x prior to HeroDevs 2.3

Mar 27, 2019

Critical

CVE-2013-0277

Rails

Ruby on Rails Framework

Remote Code Execution

3.0.0 - <3.1.0 2.0.0 - <2.3.17

Feb 12, 2013

For more details on CVEs found in end-of-life software, visit our vulnerability directory.

Vulnerability Directory

Report A Vulnerability

What is Never-Ending Support?

Security Fixes

A new version of Rails NES will be released each time we find, validate, and fix a security issue.

Compatibility Fixes

Rails NES ensures that your code continues to work seamlessly even after the software reaches its end of life, maintaining compatibility across all essential platforms and technologies.

SLA Compliance

HeroDevs provides SLAs that ensure compliance by providing incident response and remediation in accordance with industry-standard regulations, including SOC 2, FedRamp, PCI, and HIPAA.

Learn more.

Team of Experts

Rails NES is built with advisement and consultation of core team members from Rails.

Easy to Install

Our simple drop-in replacement means all you have to do is change your npm and rebuild your project. No code changes or find & replace required.

Intellectual Property Protection

Rails NES is not only secure; HeroDevs also offers enterprise-level protection for all products.

Learn more

Why HeroDevs?

Built By Ruby on Rails Experts

Rails experts ensure Rails NES is the same quality you have come to expect when using Ruby on Rails open source projects.

We specifically design our Rails NES product to work seamlessly and is as dependable as the original Rails projects you built your applications on.

We Give Back To Open Source

HeroDevs is deeply committed to the open-source community. We give support through sponsorships, backing core contributors, and funding events that drive the ecosystem forward. Our engagement extends beyond financial contributions, embodying a commitment to the ongoing growth and innovation of open-source software. This holistic support ensures the vitality of the open-source movement, fostering an environment of collaboration and advancement.

Related Products

If you're leveraging this technology, chances are you're also using complementary systems that face similar end-of-life (EOL) challenges.

Explore our related NES products that offer proactive, comprehensive support for your entire tech stack to ensure continuity, security, and innovation across all your essential technologies.

Contact Us

Got questions about Never-Ending Support for your open-source library? We're here to help!

Discover how HeroDevs NES Products can keep your systems secure and compliant.

Learn how our solutions can deliver value to your organization.

Get detailed pricing information tailored to your needs.

Trusted by industry leaders such as

Talk to an Expert

Thank you! Your submission has been received!

Please enter a company email.

By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences Reject Accept

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Rails NES

Never-Ending Support (NES) for Ruby on Rails from HeroDevs means you can stay secure, compatible, and compliant without migrating away.

Rails NES

is a secure drop-in replacement for

Rails

and takes just a few minutes to set up.

0 Security Issues Fixed in Rails NES(and always watching for more)

What is Never-Ending Support?

Why HeroDevs?

Related Products

Related Blog Posts

Contact Us

0 Security Issues Fixed in Rails NES
(and always watching for more)