rpm package
opensuse/rubygem-extlib&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rubygem-extlib&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-0156 | — | < 0.9.16-7.4 | 0.9.16-7.4 | Jan 13, 2013 | active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary |
- CVE-2013-0156Jan 13, 2013affected < 0.9.16-7.4fixed 0.9.16-7.4
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary