27 matches found
EUVD-2026-2920
Active Job - Object injection security vulnerability...
GHSA-MPWP-4H2M-765C Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
PT-2026-3335
🟠 Active Job, Deserialization Vulnerability, CVE-2025-45342 Moderate https://t.co/yOvYZevb9c...
Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
EUVD-2018-0818
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-16476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using...
CVE-2023-46326
ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. This leads to privilege escalation...
ZStack Security Vulnerabilities
ZStack is an open source IaaS Infrastructure as a Service software designed to automate data centers and manage compute, storage, and network resources through APIs. A security vulnerability exists in ZStack Cloud 3.10.38 and earlier versions that stems from allowing unauthenticated API access to...
CVE-2023-46326
ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. This leads to privilege escalation...
SUSE CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
Improper Access Control in activejob
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have...
GHSA-Q2QW-RMRH-VV42 Improper Access Control in activejob
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have...
FreeBSD : Rails -- Active Job vulnerability (f96044a2-7df9-414b-9f6b-6e5b85d06c86)
Ruby on Rails blog : Rails 4.2.11, 5.0.7.1, 5.1.6.1 and 5.2.1.1 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible CVE-2018-16476 Broken Access Control vulnerability in Active Job : Carefully crafted user input ca...
Improper access control
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
DEBIAN-CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...
UBUNTU-CVE-2018-16476
A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...