Ruby on Rails has released version 8.0.2.1 to address two critical security vulnerabilities. The updates include a fix for the RecordNotFound error, which was triggered by calling inspect on IDs, and the removal of dangerous transformations within Active Storage.

Summary of Changes:

- Active Support: No modifications made.
- Active Model: No modifications made.
- Active Record:
- Fixed the RecordNotFound error related to ID inspection (CVE-2025-55193)
- Contributors: Gannon McGibbon, John Hawthorn.
- Action View: No modifications made.
- Action Pack: No modifications made.
- Active Job: No modifications made.
- Action Mailer: No modifications made.
- Action Cable: No modifications made.
- Active Storage:
- Dangerous transformations removed (CVE-2025-24293)
- Contributor: Zack Deveau.
- Action Mailbox: No modifications made.
- Action Text: No modifications made.
- Railties: No modifications made.
- Guides: No modifications made.

Extension:

In addition to addressing the security vulnerabilities, this release emphasizes the ongoing commitment of the Rails community to maintain a secure and robust framework. Given the increasing importance of security in web applications, developers are encouraged to update to this latest version to ensure their applications remain protected against potential threats. The Rails team continues to monitor and respond to security concerns, highlighting the framework's proactive stance on safeguarding user data and application integrity. Future releases may also focus on additional improvements and features to enhance developer experience and application performance

Ruby on Rails 8.0.2.1 released

Ruby on Rails 8.0.2.1 has been released to address two security issues: the RecordNotFound error by calling inspect on IDs and removing dangerous transformations in Active Storage.

Ruby on Rails 8.0.2.1 released @ Linux Compatible