Описание
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- PatchUS Government Resource
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- PatchUS Government Resource
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.
Unspecified vulnerability in the "dependency resolution mechanism" in ...
EPSS
7.5 High
CVSS2