Lucene search

CVE-2012-2055

🗓️ 05 Apr 2012 14:06:55Reported by mitreType

GitHub Enterprise before 20120304 allows remote attackers to set public_key[user_id] value via modified URL, due to improper hash use for model's attributes, in "mass assignment" vulnerability

Reporter	Title	Published	Views	Family All 3
Prion	Security feature bypass	5 Apr 201214:55	–	prion
Cvelist	CVE-2012-2055	4 Apr 201210:00	–	cvelist
NVD	CVE-2012-2055	5 Apr 201214:55	–	nvd

Nvd

Node

github githubRange<20120304enterprise

Source	Link
lwn	www.lwn.net/Articles/488702/
homakov	www.homakov.blogspot.com/2012/03/how-to.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/74812
github	www.github.com/blog/1068-public-key-security-vulnerability-and-mitigation

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Apr 2012 14:55Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.00241

CWE-913