Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.25 views

Fedora 20 : rubygem-activerecord-4.0.0-5.fc20 (2014-9706)

Fix CVE-2014-3514: vulnerability in the createwith Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS5.4AI score0.02797EPSS
Exploits0References3
NVD
NVD
added 2014/08/20 11:17 a.m.29 views

CVE-2014-3514

activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...

7.5CVSS6.5AI score0.02797EPSS
Exploits0References4
OSV
OSV
added 2014/08/20 11:17 a.m.5 views

CVE-2014-3514

activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...

6.4AI score
Exploits0References4
Debian CVE
Debian CVE
added 2014/08/20 10:0 a.m.31 views

CVE-2014-3514

activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...

7.5CVSS6.4AI score0.02797EPSS
Exploits0
CVE
CVE
added 2014/08/20 10:0 a.m.101 views

CVE-2014-3514

The CVE-2014-3514 entry concerns ActiveRecord in Ruby on Rails (Rails 4.0.x prior to 4.0.9 and 4.1.x prior to 4.1.5). The underlying issue is a bypass of strong parameters protection via crafted input to create_with calls, enabling remote attackers to bypass parameter filtering. Documented refere...

7.5CVSS6.5AI score0.02797EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/08/20 10:0 a.m.24 views

CVE-2014-3514

activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...

6.4AI score0.02797EPSS
Exploits0References4
Rows per page
Query Builder