Ruby on Rails Vulnerability

Timeline

Version

3.0.0: 16
3.0.1: 14
3.0.2: 14
3.0.3: 14
3.2.7: 13

Countermeasures

Official Fix: 91
Temporary Fix: 0
Workaround: 0
Unavailable: 1
Not Defined: 12

Exploitability

High: 10
Functional: 0
Proof-of-Concept: 19
Unproven: 9
Not Defined: 66

Access Vector

Not Defined: 0
Physical: 0
Local: 0
Adjacent: 0
Network: 104

Authentication

Not Defined: 0
High: 0
Low: 5
None: 99

User Interaction

Not Defined: 0
Required: 37
None: 67

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 0
≤4: 1
≤5: 18
≤6: 24
≤7: 28
≤8: 24
≤9: 6
≤10: 3

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 0
≤4: 2
≤5: 21
≤6: 34
≤7: 32
≤8: 9
≤9: 3
≤10: 3

VulDB

≤1: 0
≤2: 0
≤3: 1
≤4: 1
≤5: 20
≤6: 28
≤7: 19
≤8: 28
≤9: 4
≤10: 3

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 1
≤5: 1
≤6: 5
≤7: 8
≤8: 9
≤9: 5
≤10: 2

CNA

≤1: 0
≤2: 0
≤3: 0
≤4: 1
≤5: 0
≤6: 1
≤7: 0
≤8: 2
≤9: 0
≤10: 0

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 20
<2k: 38
<5k: 45
<10k: 1
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Exploit Today

<1k: 104
<2k: 0
<5k: 0
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (173): 0.6, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 1.0, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.6, 1.6.1, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 2, 2.0.1, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.19, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.11, 3.2.12, 3.2.13, 3.2.14, 3.2.15, 3.2.16, 3.2.17, 3.2.18, 3.2.22, 3.2.22.1, 3.2.22.2, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.14, 4.1.14.1, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 5, 5.0, 5.0.7, 5.0.7.1, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.6, 5.1.6.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.4.1, 5.2.4.2, 5.2.4.3, 6, 6.0.0.beta2, 6.0.1, 6.0.2, 6.0.3, 6.0.3.1, 6.0.3.2, 6.1.7, 6.1.7.1, 6.1.7.2, 6.1.7.3, 6.1.7.4, 6.1.7.5, 6.1.7.6, 7, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.1, 7.1.1, 7.1.2, 7.1.3

Software Type: Programming Language Software

| Published | Base | Temp | Vulnerability | 0day | Today | Exp | Con | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2024-02-27 | 5.7 | 5.6 | Ruby on Rails cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2024-26143 |
| 2024-02-27 | 5.3 | 5.2 | Ruby on Rails Active Storage information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-26144 |
| 2024-02-27 | 6.4 | 6.3 | Ruby on Rails Accept Header denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2024-26142 |
| 2022-10-26 | 3.8 | 3.8 | Ruby on Rails _table.html.erb cross site scripting [Disputed] | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-3704 |
| 2021-10-19 | 4.8 | 4.7 | Ruby on Rails auto_link cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2011-1497 |
| 2020-09-11 | 5.6 | 5.0 | Ruby on Rails Action View cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-15169 |
| 2020-07-02 | 5.4 | 5.1 | Ruby on Rails denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-8185 |
| 2020-07-02 | 4.3 | 4.1 | Ruby on Rails cross site request forgery | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-8166 |
| 2020-07-02 | 8.0 | 7.7 | Ruby on Rails render privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-8163 |
| 2020-06-19 | 5.4 | 5.4 | Ruby on Rails rails-ujs Module cross site request forgery | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-8167 |
| 2020-06-19 | 8.5 | 8.2 | Ruby on Rails MemCacheStore/RedisCacheStore privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-8165 |
| 2020-06-19 | 6.4 | 6.1 | Ruby on Rails privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-8164 |
| 2020-06-19 | 7.4 | 7.1 | Ruby on Rails ActiveStorage S3 Adapter Remote Code Execution | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-8162 |
| 2019-11-12 | 6.4 | 6.4 | Ruby on Rails Padding weak encryption | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2010-3299 |
| 2019-03-27 | 8.5 | 8.4 | Ruby on Rails Development Mode privilege escalation | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2019-5420 |
| 2019-03-27 | 6.4 | 6.3 | Ruby on Rails Action View denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-5419 |
| 2019-03-27 | 6.4 | 5.5 | Ruby on Rails Action View information disclosure | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2019-5418 |
| 2017-12-29 | 6.8 | 6.8 | Ruby on Rails reorder sql injection | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2017-17920 |
| 2017-12-29 | 6.8 | 6.8 | Ruby on Rails order sql injection | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2017-17919 |
| 2017-12-29 | 6.8 | 6.8 | Ruby on Rails where sql injection | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2017-17917 |
| 2017-12-29 | 6.8 | 6.8 | Ruby on Rails find_by sql injection | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2017-17916 |
| 2016-09-07 | 7.5 | 7.3 | Ruby on Rails Action Record Query privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-6317 |
| 2016-09-07 | 6.1 | 5.9 | Ruby on Rails Action View cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-6316 |
| 2016-04-07 | 7.3 | 7.1 | Ruby on Rails Action Pack privilege escalation | $0-$5k | $0-$5k | High | Official Fix | 0.00 | CVE-2016-2098 |
| 2016-04-07 | 5.3 | 5.2 | Ruby on Rails Action View directory traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-2097 |

79 more entries are not shown
