3 matches found
PT-2013-2146
Name of the Vulnerable Software and Affected Versions multi xml gem version 0.5.2 Grape versions prior to 0.2.6 Description The issue allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service involving nested XML entity references. This c...
DEBIAN-CVE-2013-1802
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML typ...
CVE-2013-1802
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML typ...