Page 6 of 43 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 58EXPL: 0

ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request. ActiveRecord en Ruby on Rails v3.2.x anteriores a v3.2.12, v3.1.x anteriores a v3.1.11, y v2.3.x anteriores a v2.3.17 permite a atacantes remotos evitar el mecanismo de protección "attr_protected" y modificar el modelo de atributos protegidos a través de una petición hecha a mano. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html http://rhn.redhat.com/errata/RHSA-2013-0686.html http://secunia.com/advisories/52112 http://secunia.com/advisories/52774 http://support.apple.com/kb/HT5784 http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released http://www.debian.org/security/2013/dsa-2620 http://www.openwall.com/l • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 11%CPEs: 59EXPL: 0

ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML. Active Record en Ruby on Rails v3.x anteriores a v3.1.0 y v2.3.x anteriores a v2.3.17 permite a atacantes remotos causar una denegación de servicio o ejecución de código arbitrario a través de atributos serializados manipulados que causan al asistente +serialize+ la des-serialización arbitraria del YAML. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html http://secunia.com/advisories/52112 http://securitytracker.com/id?1028109 http://support.apple.com/kb/HT5784 http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released http://www.debian.org/security/2013/dsa-2620 http://www.openwall.com/lists/oss-security/2013/02/11/6 http://www.osv •

CVSS: 7.5EPSS: 97%CPEs: 57EXPL: 2

lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156. lib/active_support/json/backends/yaml.rb en Ruby on Rails v2.3.x anterior a v2.3.16 y v3.0.x anterior a v3.0.20 no convierte correctamente los datos de tipo JSON a datos YAML para el procesamiento por el analizador YAML, lo cual permite a atacantes remotos ejecutar código arbitrario, conducir ataques de inyección SQL, o saltare la autentificación a través de la modificación de datos que disparan una descodificación insegura, esta vulnerabilidad es diferente a CVE-2013-0156. • https://www.exploit-db.com/exploits/24434 https://github.com/heroku/heroku-CVE-2013-0333 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://rhn.redhat.com/errata/RHSA-2013-0201.html http://rhn.redhat.com/errata/RHSA-2013-0202.html http://rhn.redhat.com/errata/RHSA-2013-0203.html http://support.apple.com/kb/HT5784 http://weblog.rubyonrails.org/2013/1/28/Rails-3-0&# • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2

The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product. La gema Authlogic para Ruby on Rails, cuando se utiliza con algunas versiones antes de v3.2.10, hace llamadas al método find_by_id potencialmente inseguras que podría permitir a atacantes remotos realizar ataques de inyección SQL CVE-2012-6496 a través de un parámetro modificado en ambientes que han conocido un valor secret_token, como lo demuestra un valor contenido en secret_token.rb en un producto de código abierto. • http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts http://openwall.com/lists/oss-security/2013/01/03/12 http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html http://www.securityfocus.com/bid/57084 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 142EXPL: 0

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup. Cross-site scripting (XSS) en actionpack/lib/action_view/helpers/sanitize_helper.rb en el (helper) strip_tags en Ruby on Rails anterior a v3.0.17, v3.1.x anterior a v3.1.8, y v3.2.x anterio a v3.2.8 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de código HTML con formato incorrecto. • http://rhn.redhat.com/errata/RHSA-2013-0154.html http://secunia.com/advisories/50694 http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released https://groups.google.com/group/rubyonrails-security/msg/7fbb5392d4d282b5?dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-3465 https://bugzilla.redhat.com/show_bug.cgi?id=847200 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •