6 matches found
EUVD-2019-0660
Malware in sbrugna...
Consul gem insufficient authentication check - Multiple powers in one controller are not always checked correctly
With the consul ruby gem before 1.0.3, if a controller checks multiple powers using :if or :except conditions, these conditions are erroneously applied to all power checks in that controller. This can lead to skipped power checks and hence unauthenticated access to certain controller actions...
CVE-2019-16377
The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control...
CVE-2019-16377
The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control...
Improper access control
The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control...
Consul gem insufficient authentication check - Multiple powers in one controller are not always checked correctly
With the consul ruby gem before 1.0.3, if a controller checks multiple powers using :if or :except conditions, these conditions are erroneously applied to all power checks in that controller. This can lead to skipped power checks and hence unauthenticated access to certain controller actions...