logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-8163

Description

The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.


Affected Package


OS OS Version Package Name Package Version
Debian 12 rails 2:6.1.4.7+dfsg-2
Debian 11 rails 2:6.0.3.7+dfsg-2
Debian 10 rails 2:5.2.2.1+dfsg-1+deb10u3
Debian 999 rails 2:6.1.4.7+dfsg-2
Debian 9 rails 2:4.2.7.1-1+deb9u2

Related