active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, allowing remote attackers to conduct object-injection attacks and execute arbitrary code or cause a denial of service
Title | Published | Views | Family |
---|---|---|---|
Ruby on Rails XML Processor YAML Deserialization | 15 Feb 2013 00:00 | – | saint |
actionpack Improper Input Validation vulnerability | 24 Oct 2017 18:33 | – | osv |
rails - insufficient input validation | 9 Jan 2013 00:00 | – | osv |
OPENSUSE-SU-2024:10188-1 ruby2.2-rubygem-extlib-0.9.16-7.4 on GA media | 15 Jun 2024 00:00 | – | osv |
RHSA-2013:0153 Red Hat Security Advisory: Ruby on Rails security update | 15 Sep 2024 20:31 | – | osv |
Improper Input Validation in multi_xml | 24 Oct 2017 18:33 | – | osv |
HTTParty does not restrict casts of string values | 24 Oct 2017 18:33 | – | osv |