20 matches found
CVE-2020-8165
creationtimestamp | type | source
---|---|---
2026-02-21 05:21:02+00:00 | seen | https://gist.github.com/tu-trinh-scale/43724f4565a68c378a712b69b412cbe1
2026-04-14 10:27:03+00:00 | seen | https://gist.github.com/zhaog100/f7442a42e06d52a6f0350990fe3b28f1...
SUSE: Security Advisory (SUSE-SU-2020:3147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Exploit for Deserialization of Untrusted Data in Rubyonrails Rails
CVE-2020-8165 Demo Yet another demo of CVE-2020-8165, though...
Exploit for Deserialization of Untrusted Data in Rubyonrails Rails
CVE-2020-8165.py A shell for CVE-2020-8...
Exploit for Deserialization of Untrusted Data in Rubyonrails Rails
CVE-2020-8165 Python Exploit This is code to exploit CVE-2020...
Ruby On Rails Remote Code Execution (CVE-2020-8165)
A remote code execution vulnerability exists in Ruby On Rails. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
openSUSE Security Update : rubygem-activesupport-5_1 (openSUSE-2020-1677)
This update for rubygem-activesupport-5_1 fixes the following issues : - CVE-2020-8165: Fixed deserialization of untrusted data in MemCacheStore potentially resulting in remote code execution (bsc#1172186) This update was imported from the SUSE:SLE-15:Update update project. (C) Tenable Network Security...
openSUSE: Security Advisory for rubygem-activesupport-5_1 (openSUSE-SU-2020:1677-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for rubygem-activesupport-5_1 (critical)
openSUSE Security Update: Security update for rubygem-activesupport-5_1 Announcement ID: openSUSE-SU-2020:1677-1 Rating: critical References: 1172186 Cross-References: CVE-2020-8165 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This...
SUSE-SU-2020:2899-1 Security update for rubygem-activesupport-5_1
This update for rubygem-activesupport-5_1 fixes the following issues: - CVE-2020-8165: Fixed deserialization of untrusted data in MemCacheStore potentially resulting in remote code execution (bsc#1172186)...
Debian DSA-4766-1 : rails - security update
Multiple security issues were discovered in the Rails web framework which could result in cross-site scripting, information leaks, code execution, cross-site request forgery or bypass of upload limits. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 4766-1] rails security update
Debian Security Advisory DSA-4766-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2020 https://www.debian.org/security/faq ...
Debian: Security Advisory (DLA-2282-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Ruby on Rails < 5.2.4.3, 6.x < 6.0.3.1 Multiple Vulnerabilities - Linux
Ruby on Rails is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...
Debian DLA-2251-1 : rails security update
Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the application. CVE-2020-8164 Strong parameters bypass vector in ActionPack. In some cases us...
CVE-2020-8165
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...
[SECURITY] [DLA 2251-1] rails security update
Package : rails Version : 2:4.1.8-1+deb8u7 CVE ID : CVE-2020-8164 CVE-2020-8165 Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the applicatio...
CVE-2020-8165
CVE-2020-8165 is a deserialization of untrusted data vulnerability in Ruby on Rails, affecting Rails versions prior to 5.2.4.3 and 6.0.3.1. It can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore, potentially leading to remote code execution. The issue is ...
CVE-2020-8165
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...
FreeBSD : Rails -- multiple vulnerabilities (85fca718-99f6-11ea-bf1d-08002728f74c)
Ruby on Rails blog : Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important security fixes, so please upgrade when you can. Both releases contain the following fixes : CVE-2020-8162: Circumvention of file size limits in ActiveStorage CVE-2020-8164: Possible...