vulnerability

SUSE: CVE-2016-0753: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Feb 11, 2016	Feb 11, 2016	Feb 4, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Feb 11, 2016

Added

Feb 11, 2016

Modified

Feb 4, 2022

Description

Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.

Solution

suse-upgrade-portus

References

SUSE-SUSE-SU-2016:0432-1
SUSE-SUSE-SU-2016:0435-1
SUSE-SUSE-SU-2016:0458-1
SUSE-SUSE-SU-2016:0597-1
SUSE-SUSE-SU-2016:0598-1
SUSE-SUSE-SU-2016:0600-1
SUSE-SUSE-SU-2016:1146-1
DEBIAN-DLA-498-1
DEBIAN-DLA-641-1
DEBIAN-DLA-642-1
DEBIAN-DSA-3464
NVD-CVE-2016-0753

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today