RubyGems package
field_test
pkg:gem/field_test
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-16252 | — | >= 0.2.0, < 0.4.0 | 0.4.0 | Aug 5, 2020 | The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF. | ||
| CVE-2019-13146 | — | >= 0.3.0, < 0.3.1 | 0.3.1 | Jul 9, 2019 | The field_test gem 0.3.0 for Ruby has unvalidated input. A method call that is expected to return a value from a certain set of inputs can be made to return any input, which can be dangerous depending on how applications use it. If an application treats arbitrary variants as trus |
- CVE-2020-16252Aug 5, 2020affected >= 0.2.0, < 0.4.0fixed 0.4.0
The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF.
- CVE-2019-13146Jul 9, 2019affected >= 0.3.0, < 0.3.1fixed 0.3.1
The field_test gem 0.3.0 for Ruby has unvalidated input. A method call that is expected to return a value from a certain set of inputs can be made to return any input, which can be dangerous depending on how applications use it. If an application treats arbitrary variants as trus