A deserialization vulnerability in Rails < 5.2.4.3, < 6.0.3.1 allows unmarshalling user objects in MemCacheStore and RedisCacheStore, leading to potential RCE
Reporter | Title | Published | Views | Family All 57 |
---|---|---|---|---|
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 15 Jan 202107:31 | – | githubexploit |
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 20 May 202004:27 | – | githubexploit |
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 15 Jan 202104:40 | – | githubexploit |
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 3 Jan 202121:59 | – | githubexploit |
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 25 Dec 202020:07 | – | githubexploit |
GithubExploit | Exploit for Deserialization of Untrusted Data in Rubyonrails Rails | 14 Feb 202106:57 | – | githubexploit |
UbuntuCve | CVE-2020-8165 | 19 Jun 202000:00 | – | ubuntucve |
Prion | Deserialization of untrusted data | 19 Jun 202018:15 | – | prion |
Veracode | Arbitrary Code Execution | 27 May 202004:08 | – | veracode |
SUSE Linux | Security update for rubygem-activesupport-5_1 (critical) | 17 Oct 202000:00 | – | suse |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | rails | 2:5.2.4.3+dfsg-1 | rails_2:5.2.4.3+dfsg-1_all.deb |
Debian | 11 | all | rails | 2:5.2.4.3+dfsg-1 | rails_2:5.2.4.3+dfsg-1_all.deb |
Debian | 999 | all | rails | 2:5.2.4.3+dfsg-1 | rails_2:5.2.4.3+dfsg-1_all.deb |
Debian | 13 | all | rails | 2:5.2.4.3+dfsg-1 | rails_2:5.2.4.3+dfsg-1_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo