CVSS: 5.3EPSS: 0%CPEs: 86EXPL: 0CVE-2015-7577 – rubygem-activerecord: Nested attributes rejection proc bypass in Active Record
https://notcve.org/view.php?id=CVE-2015-7577
activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature. activerecord/lib/active_record/nested_attributes.rb en Active Record en Ruby on Rails 3.1.x y 3.2.x en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 no implementa adecuadamente una cierta opción de destruir, lo que permite a atacantes remotos eludir restricciones destinadas al cambio mediante el aprovechamiento del uso de la funcionalidad de atributos anidados. A flaw was found in the Active Record component's handling of nested attributes in combination with the destroy flag. An attacker could possibly use this flaw to set attributes to invalid values or clear all attributes. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178041.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178065.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0296.html http://www.debian.org/security/2016/dsa-3464 http://www.openwall.com/lists/ • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 2%CPEs: 41EXPL: 0CVE-2015-7581 – rubygem-actionpack: Object leak vulnerability for wildcard controller routes in Action Pack
https://notcve.org/view.php?id=CVE-2015-7581
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route. actionpack/lib/action_dispatch/routing/route_set.rb en Action Pack en Ruby on Rails 4.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 permite a atacantes remotos causar una denegación de servicio (almacenamiento en caché superfluo y consumo de memoria) aprovechando el uso de una ruta de controlador comodín por una aplicación. A flaw was found in the Action Pack component's caching of controller references. An attacker could use this flaw to cause unbounded memory growth, potentially resulting in a denial of service. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0296.html http://www.debian.org/security/2016/dsa-3464 http://www.openwall.com/lists/oss-security/2016/01/25/16 http://www.securityfocus.com/bid&#x • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 1%CPEs: 68EXPL: 0CVE-2016-0751 – rubygem-actionpack: possible object leak and denial of service attack in Action Pack
https://notcve.org/view.php?id=CVE-2016-0751
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. actionpack/lib/action_dispatch/http/mime_type.rb en Action Pack en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 no restringe adecuadamente el uso de la caché de tipo MIME, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de una cabecera HTTP Accept manipulada. A flaw was found in the way the Action Pack component performed MIME type lookups. Since queries were cached in a global cache of MIME types, an attacker could use this flaw to grow the cache indefinitely, potentially resulting in a denial of service. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0296.html http://www.debian.org/security/2016/dsa-3464 http://www.openwall.com/lists/ • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 97%CPEs: 52EXPL: 2CVE-2016-0752 – Ruby on Rails Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2016-0752
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. Vulnerabilidad de salto de directorio en Action View en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 permite a atacantes remotos leer archivos arbitrarios aprovechando el uso no restringido del método render en una aplicación y proporcionando un .. (punto punto) en un nombre de ruta. A directory traversal flaw was found in the way the Action View component searched for templates for rendering. • https://www.exploit-db.com/exploits/40561 https://github.com/dachidahu/CVE-2016-0752 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0296 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2016-0753 – rubygem-activerecord: possible input validation circumvention in Active Model
https://notcve.org/view.php?id=CVE-2016-0753
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters. Active Model en Ruby on Rails 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 soporta el uso de los escritores a nivel de instancia para descriptores de acceso de clase, lo que permite a atacantes remotos eludir los pasos destinados a la validación a través de parámetros manipulados. A flaw was found in the way the Active Model based models processed attributes. An attacker with the ability to pass arbitrary attributes to models could possibly use this flaw to bypass input validation. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178041.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178047.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178065.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178066.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html http://lists.opensuse.org/opens • CWE-20: Improper Input Validation •