CVSS: 5.8EPSS: 1%CPEs: 47EXPL: 0CVE-2013-1856 – Gentoo Linux Security Advisory 201412-28
https://notcve.org/view.php?id=CVE-2013-1856
19 Mar 2013 — The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is used, does not properly restrict the capabilities of the XML parser, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving (1) an external DTD or (2) an external entity declaration in conjunction with an entity reference. El backend ActiveSu... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 163EXPL: 0CVE-2013-1855 – rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css
https://notcve.org/view.php?id=CVE-2013-1855
19 Mar 2013 — The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences. El método sanitize_css en lib/action_controller/vendor/html-scanner/html/sanitizer.rb en el componente Action Pa... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 163EXPL: 0CVE-2013-1857 – rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails
https://notcve.org/view.php?id=CVE-2013-1857
19 Mar 2013 — The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence. El sanitize helper en lib/action_controller/vendor/html-scanner/html/sanitizer.rb en e... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 8%CPEs: 62EXPL: 0CVE-2013-1854 – rubygem-activerecord: attribute_dos Symbol DoS vulnerability
https://notcve.org/view.php?id=CVE-2013-1854
19 Mar 2013 — The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method. El componente Active Record en Ruby on Rails v2.3.x anterior a v2.3.18, v3.1.x anterior a v3.1.12, y v3.2.x anterior a v3.2.13, procesa determinadas consultas mediante la conversión de los hash de las claves a símbolos, lo que permite a atacan... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 58EXPL: 0CVE-2013-0276 – rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected
https://notcve.org/view.php?id=CVE-2013-0276
13 Feb 2013 — ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request. ActiveRecord en Ruby on Rails v3.2.x anteriores a v3.2.12, v3.1.x anteriores a v3.1.11, y v2.3.x anteriores a v2.3.17 permite a atacantes remotos evitar el mecanismo de protección "attr_protected" y modificar el modelo de atributos protegidos a través de una petición hecha a mano. Multi... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 12%CPEs: 59EXPL: 0CVE-2013-0277 – Gentoo Linux Security Advisory 201412-28
https://notcve.org/view.php?id=CVE-2013-0277
13 Feb 2013 — ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML. Active Record en Ruby on Rails v3.x anteriores a v3.1.0 y v2.3.x anteriores a v2.3.17 permite a atacantes remotos causar una denegación de servicio o ejecución de código arbitrario a través de atributos serializados manipulados que causan al asistente +serialize+ la de... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html •
CVSS: 9.8EPSS: 97%CPEs: 57EXPL: 3CVE-2013-0333 – Ruby on Rails - JSON Processor YAML Deserialization Code Execution
https://notcve.org/view.php?id=CVE-2013-0333
30 Jan 2013 — lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156. lib/active_support/json/backends/yaml.rb en Ruby on Rails v2.3.x anterior a v2.3.16 y v3.0.x anterior a v3.0.20 no convie... • https://packetstorm.news/files/id/181172 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 2%CPEs: 4EXPL: 0CVE-2013-0155 – rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
https://notcve.org/view.php?id=CVE-2013-0155
13 Jan 2013 — Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694. Ruby on Rails v3.0.x anteior a v3.0.19, v3.1.x anteior... • http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 96%CPEs: 6EXPL: 11CVE-2013-0156 – Ruby on Rails - Known Secret Session Cookie Remote Code Execution
https://notcve.org/view.php?id=CVE-2013-0156
13 Jan 2013 — active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion. active_support/core_ext/hash/conv... • https://packetstorm.news/files/id/181043 • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 84EXPL: 1CVE-2012-6496 – rubygem-activerecord: find_by_* SQL Injection
https://notcve.org/view.php?id=CVE-2012-6496
04 Jan 2013 — SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls. Vulnerabilidad de inyección SQL en el componente Active Record en Ruby on Rails antes de v3.0.18, v3.1.x antes de v3.1.9, y v3.2.x antes de v3.2.10, permite a ... • http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •