Max CVSS 7.5 Min CVSS 6.4 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-0156 7.5
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection
13-02-2023 - 00:27 13-01-2013 - 22:55
CVE-2013-0155 6.4
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass inte
08-08-2019 - 15:42 13-01-2013 - 22:55
Back to Top Mark selected
Back to Top