Vulnerability & Exploit Database

Back to search

FreeBSD: rails -- multiple vulnerabilities (Multiple CVEs)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:P/A:N) January 24, 2016 February 03, 2016 October 29, 2017

Available Exploits 

Description

Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

freebsd-upgrade-package-rubygem-actionpack

Related Vulnerabilities