Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2013/03/19 12:0 a.m.•35 views

Symbol DoS vulnerability in Active Record

When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce params:name to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use on...

5CVSS2.1AI score0.03438EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/25 12:0 a.m.•18 views

SQL Injection

ActiveRecord-JDBC-Adapter AR-JDBC contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...

3.6AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/12 12:0 a.m.•33 views

Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0

There is a vulnerability in the serialized attribute handling code in Ruby on Rails, applications which allow users to directly assign to the serialized fields in their models are at risk of Denial of Service or Remote Code Execution vulnerabilities...

10CVSS5.8AI score0.07497EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/12 12:0 a.m.•40 views

Circumvention of attr_protected

The attrprotected method allows developers to specify a denylist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected...

4.3CVSS5.9AI score0.0246EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/12 12:0 a.m.•44 views

Circumvention of attr_protected

The attrprotected method allows developers to exclude model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected...

4.3CVSS5.9AI score0.0246EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/01/30 12:0 a.m.•44 views

Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3

There is a vulnerability in the JSON code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application...

7.5CVSS6AI score0.98582EPSS
Exploits7References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/01/13 12:0 a.m.•64 views

Unsafe Query Generation Risk in Ruby on Rails

Due to the way Active Record interprets parameters in combination with the way that JSON parameters are parsed, it is possible for an attacker to issue unexpected database queries with "IS NULL" or empty where clauses. This issue does not let an attacker insert arbitrary values into an SQL query,...

6.4CVSS2.5AI score0.08245EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/01/13 12:0 a.m.•46 views

Multiple vulnerabilities in parameter parsing in Action Pack

There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application...

7.5CVSS6AI score0.99449EPSS
Exploits21References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/08/10 12:0 a.m.•40 views

Ruby on Rails Potential XSS Vulnerability in select_tag prompt

When a value for the prompt field is supplied to the selecttag helper, the value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks...

4.3CVSS1.6AI score0.01306EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/08/10 12:0 a.m.•48 views

Potential XSS Vulnerability in Ruby on Rails

The HTML escaping code in Ruby on Rails does not escape all potentially dangerous characters. In particular the code does not escape the single quote character. The helpers used in Rails itself never use single quotes, so most applications are unlikely to be vulnerable, however all users running ...

4.3CVSS1.6AI score0.02568EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/06/22 12:0 a.m.•49 views

SQL injection vulnerability in Active Record

Due to the way Active Record handles nested query parameters, an attacker can use a specially crafted request to inject some forms of SQL into your application's SQL queries...

5CVSS4AI score0.04174EPSS
Exploits2References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/06/22 12:0 a.m.•44 views

SQL Injection

Ruby on Rails contains a flaw related to the way ActiveRecord handles parameters in conjunction with the way Rack parses query parameters. This issue may allow an attacker to inject arbitrary IS NULL clauses in to application SQL queries. This may also allow an attacker to have the SQL query chec...

6.4CVSS4.5AI score0.046EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/03/13 12:0 a.m.•41 views

Direct Manipulation XSS

Ruby on Rails contains a flaw that allows a remote cross-site scripting XSS attack. This flaw exists because the application does not validate direct manipulations of SafeBuffer objects via '' and other methods. This may allow a user to create a specially crafted request that would execute...

4.3CVSS3.2AI score0.02137EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/03/13 12:0 a.m.•33 views

XSS via posted select tag options

Ruby on Rails is vulnerable to remote cross-site scripting because the application does not validate manually generated select tag options upon submission to actionpack/lib/actionview/helpers/formoptionshelper.rb. This may allow a user to create a specially crafted request that would execute...

4.3CVSS2.7AI score0.02504EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2011/11/28 12:0 a.m.•39 views

Translate helper method which may allow an attacker to insert arbitrary code into a page

The helper method for i18n translations has a convention whereby translations strings with a name ending in 'html' are considered HTML safe. There is also a mechanism for interpolation. It has been discovered that these 'html' strings allow arbitrary values to be contained in the interpolated...

4.3CVSS2.3AI score0.01578EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2011/08/29 12:0 a.m.•41 views

Response Splitting Vulnerability in Ruby on Rails

A response splitting flaw can allow a remote attacker to inject arbitrary HTTP headers into a response due to insufficient sanitization of the values provided for response content types...

4.3CVSS3.5AI score0.01748EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2008/10/10 12:0 a.m.•19 views

ActiveRecord Gem :limit / :offset SQL Injection

The issue is due to the program not properly sanitizing user-supplied input related to the :limit and :offset functions. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...

3.4AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2008/08/15 12:0 a.m.•14 views

Remote code execution and potential Denial of Service Vulnerability

Activeresource contains a format string flaw in the request function of lib/activeresource/connection.rb. The issue is triggered as format string specifiers e.g. %s and %x are not properly sanitized in user-supplied input when passed via the result.code and result.message variables. This may allo...

6.9AI score
Exploits0References2Affected Software1
Total number of security vulnerabilities1518