High severity8.1NVD Advisory· Published May 20, 2016· Updated Jun 17, 2026
CVE-2016-3693
CVE-2016-3693
Description
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
safemodeRubyGems | < 1.2.4 | 1.2.4 |
Affected products
2Patches
Vulnerability mechanics
References
10- rubysec.com/advisories/CVE-2016-3693/nvdVendor Advisory
- github.com/advisories/GHSA-c92m-rrrc-q5wfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-3693ghsaADVISORY
- projects.theforeman.org/issues/14635nvdWEB
- rubysec.com/advisories/CVE-2016-3693ghsaWEB
- theforeman.org/security.htmlnvdWEB
- www.openwall.com/lists/oss-security/2016/04/20/8nvdWEB
- access.redhat.com/errata/RHSA-2018:0336nvdWEB
- github.com/svenfuchs/safemode/commit/0f764a1720a3a68fd2842e21377c8bfad6d7126fnvdWEB
- github.com/theforeman/foreman/commit/82f9b93c54f72c5814df6bab7fad057eab65b2f2nvdWEB
News mentions
0No linked articles in our index yet.