Lucene search

CVE-2013-0333

🗓️ 30 Jan 2013 12:08:00Reported by [email protected]Type

Ruby on Rails JSON to YAML conversion vulnerability in versions 2.3.x and 3.0.x allows remote code execution and SQL injectio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 195
Metasploit	Ruby on Rails JSON Processor YAML Deserialization Scanner	11 Feb 201322:48	–	metasploit
Metasploit	Ruby on Rails JSON Processor YAML Deserialization Code Execution	29 Jan 201303:05	–	metasploit
Metasploit	Ruby on Rails XML Processor YAML Deserialization Code Execution	10 Jan 201305:10	–	metasploit
Metasploit	Ruby on Rails XML Processor YAML Deserialization Scanner	9 Jan 201318:50	–	metasploit
Metasploit	Ruby on Rails Known Secret Session Cookie Remote Code Execution	26 Jul 201318:23	–	metasploit
OSV	activesupport in Rails vulnerable to incorrect data conversion	24 Oct 201718:33	–	osv
OSV	RHSA-2013:0202 Red Hat Security Advisory: rubygem-activesupport security update	15 Sep 202420:33	–	osv
OSV	actionpack Improper Input Validation vulnerability	24 Oct 201718:33	–	osv
OSV	rails - insufficient input validation	9 Jan 201300:00	–	osv
OSV	OPENSUSE-SU-2024:10188-1 ruby2.2-rubygem-extlib-0.9.16-7.4 on GA media	15 Jun 202400:00	–	osv

Nvd

Node

rubyonrails railsMatch2.3.0

rubyonrails railsMatch2.3.1

rubyonrails railsMatch2.3.2

rubyonrails railsMatch2.3.3

rubyonrails railsMatch2.3.4

rubyonrails railsMatch2.3.9

rubyonrails railsMatch2.3.10

rubyonrails railsMatch2.3.11

rubyonrails railsMatch2.3.12

rubyonrails railsMatch2.3.13

rubyonrails railsMatch2.3.14

rubyonrails railsMatch2.3.15

Node

rubyonrails railsMatch3.0.0

rubyonrails railsMatch3.0.0beta

rubyonrails railsMatch3.0.0beta2

rubyonrails railsMatch3.0.0beta3

rubyonrails railsMatch3.0.0beta4

rubyonrails railsMatch3.0.0rc

rubyonrails railsMatch3.0.0rc2

rubyonrails railsMatch3.0.1

rubyonrails railsMatch3.0.1pre

rubyonrails railsMatch3.0.2

rubyonrails railsMatch3.0.2pre

rubyonrails railsMatch3.0.3

rubyonrails railsMatch3.0.4rc1

rubyonrails railsMatch3.0.5

rubyonrails railsMatch3.0.5rc1

rubyonrails railsMatch3.0.6

rubyonrails railsMatch3.0.6rc1

rubyonrails railsMatch3.0.6rc2

rubyonrails railsMatch3.0.7

rubyonrails railsMatch3.0.7rc1

rubyonrails railsMatch3.0.7rc2

rubyonrails railsMatch3.0.8

rubyonrails railsMatch3.0.8rc1

rubyonrails railsMatch3.0.8rc2

rubyonrails railsMatch3.0.8rc3

rubyonrails railsMatch3.0.8rc4

rubyonrails railsMatch3.0.9

rubyonrails railsMatch3.0.9rc1

rubyonrails railsMatch3.0.9rc2

rubyonrails railsMatch3.0.9rc3

rubyonrails railsMatch3.0.9rc4

rubyonrails railsMatch3.0.9rc5

rubyonrails railsMatch3.0.10

rubyonrails railsMatch3.0.10rc1

rubyonrails railsMatch3.0.11

rubyonrails railsMatch3.0.12

rubyonrails railsMatch3.0.12rc1

rubyonrails railsMatch3.0.13

rubyonrails railsMatch3.0.13rc1

rubyonrails railsMatch3.0.14

rubyonrails railsMatch3.0.16

rubyonrails railsMatch3.0.17

rubyonrails railsMatch3.0.18

rubyonrails railsMatch3.0.19

rubyonrails ruby_on_railsMatch3.0.4

Source	Link
lists	www.lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
weblog	www.weblog.rubyonrails.org/2013/1/28/Rails-3-0-20-and-2-3-16-have-been-released/
lists	www.lists.apple.com/archives/security-announce/2013/Mar/msg00002.html
kb	www.kb.cert.org/vuls/id/628463
groups	www.groups.google.com/group/rubyonrails-security/msg/52179af76915e518
rhn	www.rhn.redhat.com/errata/RHSA-2013-0201.html
rhn	www.rhn.redhat.com/errata/RHSA-2013-0203.html
rhn	www.rhn.redhat.com/errata/RHSA-2013-0202.html
puppet	www.puppet.com/security/cve/cve-2013-0333
support	www.support.apple.com/kb/HT5784

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Jan 2013 12:00Current

7.5High risk

Vulners AI Score7.5

CVSS27.5

EPSS0.93121