[CVE-2015-3225] Potential Denial of Service Vulnerability in Rack https://groups.google.com/d/msg/rubyonrails-security/gcUbICUmKMc/qiCotVZwXrMJ
[CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails https://groups.google.com/d/msg/rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J
[CVE-2015-3226] XSS Vulnerability in ActiveSupport::JSON.encode https://groups.google.com/d/msg/rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ
[CVE-2015-3224] IP whitelist bypass in Web Console