CVE-2016-0753 in Ruby on Railsinformación

Resumen (Inglés)

Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2015-12-16

Divulgación

2016-02-15

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
80683	Ruby on Rails Active Model escalada de privilegios	20	No probado	Arreglo oficial	CVE-2016-0753

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!