2 matches found
rubygem-actionpack: possible strong parameters bypass
A flaw was found in rubygem-actionpack. Untrusted hashes of data is possible for values of each, eachvalue, and eachpair which can lead to cases of user supplied information being leaked from Strong Parameters. Applications that use these hashes may inadvertently use untrusted user input. The...
CVE-2020-8164
A flaw was found in rubygem-actionpack. Untrusted hashes of data is possible for values of each, eachvalue, and eachpair which can lead to cases of user supplied information being leaked from Strong Parameters. Applications that use these hashes may inadvertently use untrusted user input. The...