Lucene search
K

8 matches found

CVE
CVE
added 2013/04/25 11:0 p.m.103 views

CVE-2013-0175

CVE-2013-0175 affects the multi_xml gem (v0.5.2) used by Grape prior to v0.2.6. The vulnerability stems from improper restriction of string casts, allowing remote object-injection and potential code execution, or DoS via nested XML entity refs, leveraging YAML type conversion or Symbol type conve...

7.5CVSS9.7AI score0.03655EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/04/25 11:0 p.m.48 views

CVE-2013-0175

multixml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption involvin...

7.2AI score0.03655EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2013/04/25 11:0 p.m.42 views

CVE-2013-0175

multixml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption involvin...

7.5CVSS6.2AI score0.03655EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.26 views

Fedora Update for rubygem-multi_xml FEDORA-2013-0839

Check for the Version of rubygem-multixml OpenVAS Vulnerability Test Fedora Update for rubygem-multixml FEDORA-2013-0839 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

7.5CVSS0.03655EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.28 views

Fedora Update for rubygem-multi_xml FEDORA-2013-0808

Check for the Version of rubygem-multixml OpenVAS Vulnerability Test Fedora Update for rubygem-multixml FEDORA-2013-0808 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

7.5CVSS0.03655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/28 12:0 a.m.29 views

Fedora 17 : rubygem-multi_xml-0.4.1-4.fc17 (2013-0839)

Fix for CVE-2013-0175. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS5.4AI score0.03655EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.23 views

Fedora Update for rubygem-multi_xml FEDORA-2013-0808

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS6.6AI score0.03655EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.29 views

Fedora Update for rubygem-multi_xml FEDORA-2013-0839

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS6.6AI score0.03655EPSS
Exploits0References2
Rows per page
Query Builder