CVE-2013-1800

🗓️ 09 Apr 2013 20:01:55Reported by [email protected]Type

The crack gem for Ruby 0.3.1 and earlier allows remote code execution and denial of service via YAML and Symbol type conversio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 178
Prion	Type confusion	9 Apr 201320:55	–	prion
Prion	Type confusion	13 Jan 201322:55	–	prion
Prion	Type confusion	9 Apr 201320:55	–	prion
Prion	Sql injection	30 Jan 201312:00	–	prion
Prion	Type confusion	9 Apr 201320:55	–	prion
Prion	Design/Logic Flaw	9 Apr 201320:55	–	prion
Prion	Type confusion	25 Apr 201323:55	–	prion
OSV	crack does not properly restrict casts of string values	24 Oct 201718:33	–	osv
OSV	actionpack Improper Input Validation vulnerability	24 Oct 201718:33	–	osv
OSV	OPENSUSE-SU-2024:10188-1 ruby2.2-rubygem-extlib-0.9.16-7.4 on GA media	15 Jun 202400:00	–	osv

Nvd

Node

john_nunemaker crackRange≤0.3.1

john_nunemaker crackMatch0.1.8

john_nunemaker crackMatch0.2.0

john_nunemaker crackMatch0.3.0

Source	Link
bugzilla	www.bugzilla.novell.com/show_bug.cgi
github	www.github.com/jnunemaker/crack/commit/e3da1212a1f84a898ee3601336d1dbbf118fb5f6
secunia	www.secunia.com/advisories/52897
lists	www.lists.opensuse.org/opensuse-security-announce/2013-04/msg00003.html
support	www.support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Apr 2013 20:55Current

7.1High risk

Vulners AI Score7.1

CVSS27.5

EPSS0.93121

CWE-264