Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-0233

Опубликовано: 25 апр. 2013
Источник: debian
EPSS Средний

Описание

Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ruby-devisefixed3.4.1-1package

EPSS

Процентиль: 99%
0.68821
Средний

Связанные уязвимости

ubuntu логотип

CVE-2013-0233

ubuntu
почти 13 лет назад

Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.

nvd логотип

CVE-2013-0233

nvd
почти 13 лет назад

Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.

github логотип

GHSA-jxhw-mg8m-2pj8

github
больше 8 лет назад

Devise does not properly perform type conversion when performing database queries

EPSS

Процентиль: 99%
0.68821
Средний